CISO Security KitThreat HuntingAI CISO

C2 Beaconing Detection

Statistical and JA3 / JARM based detection of command-and-control beacons over HTTPS and DNS.

What this skill does

C2 Beaconing Detection is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.

Kit: CISO Security Kit
Category: Threat Hunting
Primary agent(s): AI CISO
Tags: threat-hunting, c2, beacon, ja3

How to use it

Sign in to your Procux workspace and open the platform dashboard.
Pick the AI CISO agent, then pick C2 Beaconing Detection from the CISO Security Kit catalog.
Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.

Related skills

APT Campaign Analysis
Map observed TTPs to MITRE ATT&CK, pivot over known APT playbooks, produce adversary emulation plan.
DNS Tunneling Detection
Detect DNS exfiltration and covert channels via entropy, subdomain length, NXDOMAIN ratios, and query rate.
Lateral Movement Hunting
Hunt RDP / SMB / WMI / WinRM based lateral movement across endpoint + identity telemetry.

← Back to full catalog