SkillHub
SkillHubagent skills marketplace
Menu
All SkillsStacksKOLHotRankings
Sign inGet Pro
Back to skills
SkillHub ClubShip Full StackFull Stack

pentest-c2-operator

Set up authorized C2 simulation workflows and measure defensive detection outcomes.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars
3,087
Hot score
99
Updated
March 20, 2026
Overall rating
C4.0
Composite score
4.0
Best-practice grade
B77.6

Install command

npx @skill-hub/cli install openclaw-skills-pentest-c2-operator

Repository

openclaw/skills

Skill path: skills/0x-professor/pentest-c2-operator

Set up authorized C2 simulation workflows and measure defensive detection outcomes.

Open repository

Best for

Primary workflow: Ship Full Stack.

Technical facets: Full Stack.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: openclaw.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install pentest-c2-operator into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/openclaw/skills before adding pentest-c2-operator to shared team environments
  • Use pentest-c2-operator for development workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: pentest-c2-operator
description: Set up authorized C2 simulation workflows and measure defensive detection outcomes.
---

# Pentest C2 Operator

## Stage

- PTES: 5-6
- MITRE: TA0011

## Objective

Track infrastructure, persistence, and alerting outcomes from C2 simulation.

## Required Workflow

1. Validate scope before any active action and reject out-of-scope targets.
2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
3. Write findings in canonical finding_schema format with reproducible PoC notes.
4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
5. Export deterministic artifacts for downstream skill consumption.

## Execution

```bash
python skills/pentest-c2-operator/scripts/c2_operator.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run
```

## Outputs

- `c2-infrastructure.json`
- `persistence-mechanisms.json`
- `c2-report.json`

## References

- `references/tools.md`
- `skills/autonomous-pentester/shared/scope_schema.json`
- `skills/autonomous-pentester/shared/finding_schema.json`

## Legal and Ethical Notice

```text
WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

```


---

## Referenced Files

> The following files are referenced in this skill and included for context.

### references/tools.md

```markdown
# Pentest C2 Operator Tools

| Tool | URL |
|---|---|
| Sliver | https://github.com/BishopFox/sliver |
| Mythic | https://github.com/its-a-feature/Mythic |
| Havoc | https://github.com/HavocFramework/Havoc |
| Cobalt Strike | https://www.cobaltstrike.com/ |
| Atomic Red Team | https://github.com/redcanaryco/atomic-red-team |

```



---

## Skill Companion Files

> Additional files collected from the skill directory layout.

### _meta.json

```json
{
  "owner": "0x-professor",
  "slug": "pentest-c2-operator",
  "displayName": "Pentest C2 Operator",
  "latest": {
    "version": "0.1.0",
    "publishedAt": 1772315697087,
    "commit": "https://github.com/openclaw/skills/commit/94a1cabbffd207a12f1b95b3c84343cfbd5ddc02"
  },
  "history": []
}

```

### scripts/c2_operator.py

```python
#!/usr/bin/env python3
"""pentest-c2-operator script - AUTHORIZED SECURITY TESTING ONLY."""
from __future__ import annotations
import argparse,json,sys
from datetime import datetime,timezone
from pathlib import Path
SHARED_DIR=Path(__file__).resolve().parents[2]/"autonomous-pentester"/"shared"
if str(SHARED_DIR) not in sys.path: sys.path.insert(0,str(SHARED_DIR))
from pentest_common import load_payload,render_result,resolve_artifact_path,resolve_output_file,validate_scope,write_placeholder_artifact  # noqa: E402
SKILL_NAME="pentest-c2-operator"
REPORT_STEM="c2-operator-report"
GENERATED_OUTPUTS=[
    "c2-infrastructure.json",
    "persistence-mechanisms.json",
    "c2-report.json"
]

def parse_args()->argparse.Namespace:
    p=argparse.ArgumentParser(description="Track infrastructure, persistence, and alerting outcomes from C2 simulation.")
    p.add_argument('--scope',default='scope.json'); p.add_argument('--target',required=True)
    p.add_argument('--input',default='.'); p.add_argument('--output',default='.')
    p.add_argument('--format',choices=['json','md','csv'],default='json'); p.add_argument('--dry-run',action='store_true')
    p.add_argument('--i-have-authorization',action='store_true',help='Confirm you have written authorization to test this target.')
    return p.parse_args()

def build_finding(target:str)->dict:
    return {'finding_id':f"{SKILL_NAME.replace('-', '_')}-001",'skill':SKILL_NAME,'timestamp':datetime.now(timezone.utc).isoformat(),'target':target,'title':'Pentest C2 Operator identified a security weakness','cve':'N/A','cwe':'CWE-693','cvss_score':8.0,'cvss_vector':'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L','owasp_category':'A05:2021 - Security Misconfiguration','mitre_attack':'TA0011','severity':'High','description':'Automated and manual testing identified a security condition requiring remediation.','proof_of_concept':'python scripts/c2_operator.py --dry-run','screenshot':'assets/findings/placeholder.png','remediation':'Apply least privilege, secure defaults, and verify fixes with retest.','references':["https://github.com/BishopFox/sliver", "https://github.com/its-a-feature/Mythic"],'status':'open'}

def main()->int:
    args=parse_args()
    scope_ok,scope_meta=validate_scope(args.target,args.scope)
    report_path=resolve_output_file(args.output,args.format,REPORT_STEM)
    if not scope_ok:
        r={'status':'error','summary':'TARGET NOT IN AUTHORIZED SCOPE - ABORTING','artifacts':[str(report_path)],'details':{'skill':SKILL_NAME,'target':args.target,'scope':scope_meta,'dry_run':args.dry_run}}
        render_result(r,report_path,args.format); print(json.dumps(r,indent=2)); return 1
    if not args.i_have_authorization and not args.dry_run:
        r={'status':'error','summary':'You must pass --i-have-authorization to confirm written authorization.','artifacts':[str(report_path)],'details':{'skill':SKILL_NAME,'target':args.target,'scope':scope_meta,'dry_run':args.dry_run}}
        render_result(r,report_path,args.format); print(json.dumps(r,indent=2)); return 1
    payload=load_payload(args.input); finding=build_finding(args.target); arts=[]
    if not args.dry_run:
        for rel in GENERATED_OUTPUTS:
            ap=resolve_artifact_path(report_path.parent,rel)
            write_placeholder_artifact(ap,{'skill':SKILL_NAME,'target':args.target,'generated_at':datetime.now(timezone.utc).isoformat(),'input_payload':payload,'findings':[finding]})
            arts.append(str(ap))
    r={'status':'ok','summary':'Dry run completed' if args.dry_run else 'Skill executed','artifacts':arts+[str(report_path)],'details':{'skill':SKILL_NAME,'target':args.target,'scope':scope_meta,'findings':[finding],'expected_outputs':GENERATED_OUTPUTS,'dry_run':args.dry_run}}
    render_result(r,report_path,args.format); print(json.dumps(r,indent=2)); return 0

if __name__=='__main__': raise SystemExit(main())

```
pentest-c2-operator | SkillHub