Files
Anthropic-Cybersecurity-Skills/skills/conducting-full-scope-red-team-engagement/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

1.8 KiB

Full-Scope Red Team Engagement — API Reference

Libraries

Library Install Purpose
attackcti pip install attackcti MITRE ATT&CK STIX/TAXII client for technique enumeration
impacket pip install impacket AD attack tools (secretsdump, psexec, wmiexec)
requests pip install requests HTTP client for C2 API integration

Key attackcti Methods

Method Description
attack_client() Initialize MITRE ATT&CK client
client.get_enterprise_techniques() List all Enterprise techniques
client.get_enterprise_mitigations() List mitigations
client.get_groups() List threat actor groups
client.get_software() List tools and malware

Engagement Phases (PTES Framework)

Phase Duration Key Activities
Pre-engagement 1-2 weeks Scoping, RoE, legal agreements
Reconnaissance 3-5 days OSINT, footprinting, enumeration
Initial Access 5-7 days Phishing, exploits, physical
Post-exploitation 5-7 days Lateral movement, persistence, privilege escalation
Objective 2-3 days Crown jewel access, exfiltration simulation
Reporting 3-5 days Findings, remediation, executive brief

C2 Frameworks

Framework Type Protocol
Cobalt Strike Commercial HTTPS, DNS, SMB
Sliver Open source mTLS, HTTPS, DNS, WireGuard
Mythic Open source HTTP, websocket, custom

External References