OMNI Feature

AI Triász — Three Assistants,
Zero Extra Tools

Most C2 platforms leave reporting, path planning, and monitoring to the operator. OMNI ships with three purpose-built AI assistants that handle all three — cutting documentation time by 60%, surfacing missed attack paths in real time, and alerting on beacon anomalies before they become incidents.

Report Generator
60% faster pentest reports
Attack Path Advisor
Real-time next-step suggestions
Anomaly Detector
Live session behaviour monitoring

The Three Assistants

01 / Report Generator

From raw sessions to client-ready report in minutes

  • Executive summary with risk rating
  • Technical findings with reproduction steps
  • CVSS scores auto-calculated
  • Remediation recommendations included
02 / Attack Path Advisor

Never miss the next logical step again

  • Analyses current session state and discovered assets
  • Suggests Kerberoasting, DCSync, pivot routes
  • Ranks moves by likelihood of success
  • Updates suggestions as new hosts are compromised
03 / Anomaly Detector

Know when something is wrong before it's too late

  • Monitors beacon check-in timing drift
  • Alerts on unexpected network egress patterns
  • Detects concurrent sessions on same host
  • In-UI alerts with session context
# Example: AI report generation via CLI
[omni@c2]$ ai report --session SESSION-001 --format pdf
[AI] Analysing 47 events across 3 hosts...
[+] Executive summary generated — 2 critical, 4 high, 6 medium findings
[+] Report saved → reports/engagement-2024-04-24.pdf
Generation time: 94 seconds

Use AI Triász in your next engagement

Included in all OMNI plans — from $200/mo. 7-day money-back guarantee.

Live demo
OMNI C2 · Report Generator · CORP-ENG-007
[OMNI]❯[DEMO]❯[CORP-ENG-007]» !report generate --format docx --scope full
[*] Initializing Report Generator AI...
[*] Pulling session data: 14 agents · 38 executed modules · 4 laterals
[*] Analysing attack path graph...

[+] Executive Summary generated (AI)
[+] Technical Findings 14 findings → 4 Critical / 6 High / 3 Medium / 1 Low
[+] Attack Path Diagram initial access → lateral → DA
[+] Evidence Appendix 38 module outputs, 12 screenshots
[+] Remediation Table 14 recommendations with CVSS mapped

[+] Report ready
Format: DOCX
Pages: 42
Time: 47 seconds
└─ Saved: reports/CORP-ENG-007/2026.04.24/full_report_[demo].docx
[+] Command completed successfully
OMNI C2 · Attack Path Advisor · CORP-ENG-007
[OMNI]❯[DEMO]❯[CORP-ENG-007]» !advisor suggest
[*] Analysing current position and network context...

[+] Attack Path Advisor — Top Suggestions

[1] Kerberoast high-value SPNs [Confidence: HIGH]
Rationale: 3 SPNs found on DA-equivalent accounts (spn_scan output)
Suggested: !cred_kerberoast --spn MSSQLSvc/db-prod.corp.local

[2] Abuse unconstrained delegation on FILESERVER-01 [Confidence: MEDIUM]
Rationale: deleg_enum found unconstrained delegation flag set
Suggested: !priv_tok_impersonate --target FILESERVER-01$

[3] DPAPI master key extraction [Confidence: MEDIUM]
Rationale: local admin on WS-042, DPAPI blobs in user profile
Suggested: !cred_dpapi_blob --domain

[+] Command completed successfully