mirror of
https://github.com/CyberSecurityUP/Offensive-AI-Agent-Prompts.git
synced 2026-02-12 14:32:47 +00:00
Create prompt-05.md
14
Blue Team/prompt-05.md
Normal file
@@ -0,0 +1,14 @@
|
||||
Threat-hunt this potential C2 indicator: <IP or DOMAIN>
|
||||
|
||||
Observed pattern:
|
||||
- Periodicity: <e.g., every 60s/5m/random>
|
||||
- Bytes in/out: <RANGE>
|
||||
- Protocol: <HTTP(S)/DNS/ICMP/OTHER>
|
||||
- User-agent / SNI / JA3 (if known): <VALUES>
|
||||
- Affected hosts count: <N>
|
||||
|
||||
Deliver:
|
||||
- Beaconing assessment (why/why not)
|
||||
- What to verify next (process lineage, scheduled tasks, persistence checks)
|
||||
- Containment recommendation threshold (when to isolate)
|
||||
- Detections to add (behavioral, not just IOC)
|
||||
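Review bot: The "Observed pattern" block gives periodicity and a byte range but no observation window, connection count or jitter, so the "Beaconing assessment (why/why not)" deliverable has little to separate a beacon from a keep-alive or update check that was seen a handful of times. Suggest adding fields under "Periodicity", for example "- Observation window / connection count: <VALUES>" and "- Jitter: <PERCENT>", and a destination port next to "Protocol". "Affected hosts count: <N>" would carry more weight with host roles (workstation, server, domain controller) beside it, since the isolation threshold requested under "Containment recommendation threshold (when to isolate)" depends on what the hosts are. Also consider a closing line asking the model to list which inputs were left unknown (the "if known" values in particular), so the assessment states its assumptions instead of filling them in.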