analyzing-command-and-control-communication

Installation
SKILL.md

Analyzing Command-and-Control Communication

When to Use

  • Reverse engineering a malware sample has revealed network communication that needs protocol analysis
  • Building network-level detection signatures for a specific C2 framework (Cobalt Strike, Metasploit, Sliver)
  • Mapping C2 infrastructure including primary servers, fallback domains, and dead drops
  • Analyzing encrypted or encoded C2 traffic to understand the command set and data format
  • Attributing malware to a threat actor based on C2 infrastructure patterns and tooling

Do not use for general network anomaly detection; this is specifically for understanding known or suspected C2 protocols from malware analysis.

Prerequisites

Installs
300
GitHub Stars
24.2K
First Seen
Mar 15, 2026
analyzing-command-and-control-communication — mukul975/anthropic-cybersecurity-skills