Skills
skills/mukul975/anthropic-cybersecurity-skills/performing-red-team-with-covenant

performing-red-team-with-covenant

SKILL.md

Performing Red Team Operations with Covenant C2

Overview

Covenant is a collaborative .NET C2 framework for red teamers that provides a Swagger-documented REST API for managing listeners, launchers, grunts (agents), and tasks. This skill covers automating Covenant operations through its API for authorized red team engagements: creating HTTP/HTTPS listeners, generating binary and PowerShell launchers, deploying grunts, executing tasks on compromised hosts, and tracking lateral movement.

Prerequisites

  • Covenant C2 server deployed (Docker or .NET 6)
  • Python 3.9+ with requests library
  • Covenant API token (obtained via /api/users/login)
  • Written authorization for red team engagement
  • Isolated lab or authorized target environment

Steps

Step 1: Authenticate to Covenant API

Obtain a JWT token by posting credentials to /api/users/login endpoint.

Step 2: Create Listener

Configure an HTTP or HTTPS listener with callback URLs and bind address.

Step 3: Generate Launcher

Create a binary, PowerShell, or MSBuild launcher tied to the listener for grunt deployment.

Step 4: Deploy and Manage Grunts

Monitor grunt callbacks, execute tasks, and collect output from compromised hosts.

Step 5: Document Operations

Generate an operations report documenting all actions, timestamps, and findings.

Expected Output

JSON report with listener configuration, active grunts, executed tasks, and task output for engagement documentation.

Weekly Installs
1
Repository
mukul975/anthro…y-skills
GitHub Stars
1.3K
First Seen
2 days ago
Security Audits
Gen Agent Trust HubPass
SocketFail
SnykFail
Installed on
zencoder1
amp1
cline1
opencode1
cursor1
kimi-cli1