Explore AI Agent Skills & Claude Prompts

Full penetration test using MCP tools — recon, scanning, exploitation, and reporting. Tailored for OpenCode (BYO LLM). Supports network/web targets and local codebases. Chains into analyze-cve, threat-modeling, and remediate skills automatically.

ad-assessment

Active Directory security audit using the MITRE ATT&CK framework. Full domain enumeration, trust mapping, GPO analysis, ACL abuse paths, ADCS attacks (ESC1-ESC8), delegation abuse (constrained/unconstrained/RBCD), fine-grained password policies, LAPS deployment, service account security, and Kerberos configuration. Uses enum4linux-ng, netexec, impacket, ldapsearch, certipy-ad, bloodhound-python, and rpcclient. Produces attack path diagrams, prioritized risk register, and PoCs. Chains into /gh-export for issue filing.

schedule Updated 14 days ago

ai-redteam

AI/LLM red-team assessment using the OWASP LLM Top 10 (2025) + OWASP AI Testing Guide (AITG v1, Nov 2025) frameworks, plus OWASP MCP Top 10 runtime testing for agentic/MCP targets. Tests prompt injection, jailbreaks, system prompt leakage, sensitive data extraction, excessive agency, improper output handling, model extraction, content bias, evasion, membership inference, MCP token exposure, MCP command injection, and more. Uses four tools in combination: FuzzyAI (single-turn jailbreak fuzzing), PyRIT (multi-turn orchestrated attacks), Garak (probe-based vulnerability scanning), and promptfoo (plugin-based red-team evaluation). Each tool covers different OWASP categories; running them together gives systematic coverage. Includes a conditional MCP reconnaissance phase and a post-access AI infrastructure phase (chained from /post-exploit). Produces: OWASP LLM Top 10 + AITG + MCP coverage matrix, findings per category, architecture diagram of the AI system, PoCs for confirmed exploits. Chains into /gh-export fo

threat-modeling

Structured threat modeling skill using the PASTA framework (Process for Attack Simulation and Threat Analysis) combined with Adam Shostack's 4-question framework. Use this skill whenever the user asks to do threat modeling, security analysis, map the attack surface, identify threats, or review an application for security risks — even if they don't mention PASTA or a specific framework by name. Core activities: Component Mapping (architecture + data flows), Critical Assessment (business impact prioritization), and Logic Flaw Identification (attacker mindset on business logic). Produces: component map diagram (Mermaid), data flow diagram (Mermaid), attack tree (Mermaid), STRIDE threat table, prioritized risk register, and an actionable mitigation plan. Invoke proactively for any security review, architecture review, or "what could go wrong?" session.

schedule Updated 14 days ago

post-exploit

Post-exploitation workflow. Covers privilege escalation (Linux SUID/sudo/kernel, Windows UAC/service/token), persistence assessment, local enumeration, credential harvesting, and pivot preparation. Structured workflows for Linux and Windows targets using impacket, netexec, john, linpeas/winpeas, and standard Kali tools. Includes kernel exploit reference tables, GTFOBins exploitation chains, Potato attack selection, Docker/container escapes, DLL hijacking, SSH key harvesting, credential recovery from memory, and Windows token manipulation. Chains from /pentester or /credential-audit when access is obtained.

reverse-shell

Reverse shell generation and listener management. Generates platform-specific reverse shell payloads (bash, python, php, powershell, java, ruby, perl, netcat, socat, msfvenom) and sets up listeners in the Kali container. Supports one-liner generation, encoded payloads for WAF/filter bypass, listener setup with session capture, and shell stabilization. Chains from /pentester, /metasploit, or /post-exploit when command execution is confirmed.

schedule Updated 2 months ago

param-fuzz

Systematic fuzzing across two dimensions: (1) content discovery — hidden directories, files, backup/source leaks, HTTP verb enumeration, 401/403 bypass via path manipulation; (2) input validation — auth/token stripping, type confusion, boundary value analysis, HTTP parameter pollution, header fuzzing, cookie fuzzing, mass assignment discovery, and entropy/predictability analysis of any generated value. Works on any domain. Chains from /web-exploit or /pentester; chains into /business-logic when boundary violations, predictable IDs, or mass assignment are confirmed.

schedule Updated 21 days ago

business-logic

Application-level business logic security testing for any domain. Takes an understanding-first approach: map the intended workflows before probing them. Covers: value/quantity logic abuse (negative, zero, overflow, rounding on any numeric field), workflow and state machine bypass (skipping required steps, forcing illegal state transitions, reusing one-time tokens), trust boundary violations (BOLA horizontal/vertical, BFLA, cross-tenant access, negative ownership attacks), idempotency and replay attacks (duplicate submissions, double-spend, same-reference reuse), multi-step flow integrity (checkout, registration, approval, verification), quota and rate limit bypass, time/date manipulation, and authorization code / reference number predictability. Domain-agnostic — applies to SaaS, e-commerce, banking, gaming, social platforms, APIs, or any multi-user application with stateful workflows. Chains from /pentester; chains into /param-fuzz when boundary violations or mass assignment are confirmed.

metasploit

Exploit validation and exploitation using Metasploit Framework. Runs in a dedicated Docker container (separate from Kali). Validates CVEs discovered by nuclei, nikto, or other scanners with actual exploit modules. Covers exploit selection, payload configuration, exploitation, and post-exploitation pivoting. Uses msfconsole, msfvenom, and the Metasploit module database. Chains from /pentester, /analyze-cve, or /post-exploit when exploitable CVEs are confirmed.

osint

Deep OSINT reconnaissance using the MITRE ATT&CK Reconnaissance framework. Email harvesting with SMTP verification, subdomain takeover detection, certificate transparency mining, Shodan/Censys intelligence, Wayback Machine historical analysis, social media profiling, cloud storage enumeration, document metadata extraction, DNS history, credential leak checks, and passive infrastructure mapping. Uses theHarvester, amass, dnsrecon, fierce, dnstwist, dmitry, whatweb, wafw00f, exiftool, metagoofil, smtp-user-enum, swaks, waybackurls, subfinder, and crt.sh. Pure reconnaissance — no active exploitation. Produces: confidence-scored findings, infrastructure diagram, employee roster, email pattern confirmation, subdomain takeover candidates. Chains into /pentester for active testing.

codebase

White-box source code security review structured around OWASP ASVS 5.0 (427 verification requirements across 16 chapters). Reads and understands application source code to build a security-aware knowledge base that enriches all downstream skills. Covers: tech stack identification, route/endpoint mapping, authentication and authorization architecture, dangerous function patterns, source-to-sink data flow tracing, IaC review, dependency analysis, ASVS compliance mapping, and LLM integration security (prompt injection, tool abuse, output handling, RAG poisoning, MCP server patterns). When LLM/AI framework usage is detected, automatically reviews OWASP LLM Top 10 patterns from source code and chains into /ai-redteam with white-box context for live endpoint testing. Chains into /pentester, /threat-modeling, /web-exploit, /api-security, /cloud-security, /analyze-cve, /credential-audit, and /ai-redteam — providing white-box context that transforms black-box testing into targeted, informed assessment.

oauth-security

Deep OAuth 2.0 / OpenID Connect security assessment. Covers the full attack surface: redirect_uri validation bypass (path traversal, open redirect chains, subdomain confusion, URL parsing tricks, parameter pollution, response mode switching), missing/broken state parameter CSRF, PKCE downgrade and absent-challenge attacks, implicit grant token leakage (Referer, browser history, XSS fragment theft), authorization code injection, scope escalation, client confusion attacks, mutable-claims account takeover (iss+sub confusion, email-keyed identity merging), pre-account takeover via unverified registration, OpenID Connect dynamic client registration SSRF (logo_uri, jwks_uri, sector_identifier_uri, request_uri), nonce replay, ID token validation failures, Device Code phishing flow, mobile custom URI scheme hijacking, refresh token persistence, token introspection enumeration, consent screen clickjacking, host header injection, and cross-IdP mix-up attacks. Uses KOAuth, jwt_tool, nuclei oauth templates, and manual h