Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service…
Configure mTLS for Apex callouts using Named Credentials with client certificate authentication. NOT for standard TLS or API key auth.
Naabu is a fast and reliable port scanning tool written in Go by ProjectDiscovery. It supports SYN, CONNECT, and UDP scans, integrates with Nmap for service discovery, and handles…
嵌入式网络调试工具,用于发现接口、抓包、分析 pcap/pcapng、做连通性测试、端口扫描和流量统计。 当用户提到 Wireshark、tshark、Npcap、抓包、网络联调、端口扫描、连通性排查、pcap 分析、 网络接口、ping 测试、traceroute、流量统计、Modbus TCP、EtherNet/IP 等网络协议调试时自动触发, 也兼容…
Network utility for reading and writing data across TCP/UDP connections, port scanning, file transfers, and backdoor communication channels.
· Configure/troubleshoot Linux networking: DNS, proxies, VPNs, VLANs, nftables, routing. Triggers: 'dns', 'reverse proxy', 'vpn', 'wireguard', 'tailscale', 'vlan', 'nftables',…
Configuration de firewalls et règles de sécurité réseau pour iptables, pfSense, Azure NSG et AWS Security Groups.
Analyse de trafic réseau avec Wireshark incluant capture, filtres, protocoles et diagnostic réseau. Se déclenche avec "Wireshark", "capture réseau", "analyse de trafic", "pcap",…
Professional network reconnaissance and port scanning using nmap. Supports various scan types (quick, full, UDP, stealth), service detection, vulnerability scanning, and NSE…
使用 nmap 进行端口扫描和服务识别。当需要对目标进行精细端口扫描、服务版本探测、操作系统指纹识别、NSE 脚本漏洞扫描时使用。nmap 是最经典的网络扫描器,支持 SYN/TCP/UDP/ACK 等多种扫描模式,内置 600+ NSE 脚本。任何涉及端口扫描、服务识别、漏洞脚本扫描、操作系统指纹的场景都应使用此技能。速度不如 naabu,但功能远超…
ntopng is a web-based network traffic monitoring application that provides real-time visibility into network flows, bandwidth usage, and security threats.
Bluetooth Low Energy (BLE) attack methodology — GATT enumeration, characteristic read/write without auth, pairing downgrade (Just Works forced), LE Secure Connections bypass, MITM…
Evil Twin / KARMA / Mana access point methodology — rogue AP construction with hostapd-mana / wifiphisher / airgeddon, KARMA universal probe response, Mana selective probe…
Comprehensive OSINT methodology skill for offensive security, red team intelligence gathering, and bug bounty reconnaissance.
Create or update OMA skills in the SSL-lite human-readable format. Use when adding a new `.agents/skills/{skill-name}/SKILL.md`, converting an existing skill to the standardized…
Performs deep OSINT analysis on domains using Shodan API, SecurityTrails DNS history, and WHOIS RDAP lookups.
Expert skill for packet capture and analysis using libpcap/Wireshark. Execute tcpdump/tshark commands, write BPF filter expressions, analyze pcap files, decode protocol layers,…
PAN-OS firewall'unda DNAT (port yönlendirme) ve security policy source kısıtlama işlerini doğal dilden uygular.
Use when a startup is approached by a prospective partner and someone has to decide should we sign this partner, at what partner tier (referral / reseller / OEM / SI-consulting /…
Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy
Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities,
Capture and analyze network traffic using Wireshark and tshark to reconstruct network events, extract artifacts,
Perform forensic analysis of network packet captures (PCAP/PCAPNG) using Wireshark, tshark, and tcpdump to reconstruct
Deploy Zeek network security monitor to capture, parse, and analyze network traffic metadata for threat detection,
Crafts and injects custom network packets using Scapy, hping3, and Nemesis during authorized security assessments
SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring,
Simulates SSL stripping attacks using sslstrip, Bettercap, and mitmproxy in authorized environments to test
Configure SSL/TLS inspection on network security devices to decrypt, inspect, and re-encrypt HTTPS traffic for
Assess SSL/TLS server configurations using the sslyze Python library to evaluate cipher suites, certificate chains,
Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments
Philips Hue スマートライトの制御スキル。Hue BridgeのローカルCLIP API v2を使用して照明のON/OFF、明るさ調整、色変更、シーン制御を行う。「Hueの電気をつけて」「リビングを暖色にして」「全部の照明を消して」「ライトの一覧」などの依頼時に使用。
Audit investment portfolio management software for mean-variance optimization, Black-Litterman model, risk parity allocation, VaR/CVaR risk metrics, Brinson performance…
Skill do używania biblioteki preboot-core. Użyj tego skilla zawsze gdy użytkownik chce cache z TTL, rate limiting, synchronizację dostępu po kluczu, transakcje programowe,…
Run a thorough TLS preflight against a host before launch, certificate renewal, or incident review.
Audit procurement and procure-to-pay systems for spend analytics (Pareto analysis, tail spend visibility), supplier consolidation opportunities, Kraljic matrix category…
Network reconnaissance and security auditing using Nmap for port scanning, service enumeration, and vulnerability detection.
· Administer RHEL/Fedora/CentOS/Rocky/Alma/Amazon Linux: dnf, yum, SELinux, firewalld, dracut. Triggers: 'rhel', 'fedora', 'centos stream', 'rocky', 'dnf', 'selinux'.
RouterOS firewall filter, NAT, mangle, and address-list configuration. Use when: writing firewall rules in RouterOS, configuring NAT, setting up address-lists or interface-lists,…
RouterOS packet capture and TZSP streaming for protocol debugging. Use when: capturing packets on RouterOS, setting up /tool/sniffer, streaming live traffic via TZSP, using…
Performs advanced network reconnaissance using Nmap''s scripting engine, timing controls, evasion techniques,
PyTorch neural-network building blocks for neuroscience and signal processing. Differentiable filters (`BandPassFilter`, `BandStopFilter`, `HighPassFilter`, `LowPassFilter`,…
Persistent, auto-reconnecting SSH reverse tunnels for NAT traversal — installs an `autossh` systemd unit on the local host so a bastion/relay server can SSH back in even through…
Manage security policies, firewall zones, access control rules (ACLs), and guest network access. Perform comprehensive security audits and compliance reviews.
Search Shodan for internet-connected devices, open ports, and services — host lookups and database queries
Performs network reconnaissance using the Shodan REST API and Shodan InternetDB. Discovers exposed services, CVE mappings, and generates asset inventories with risk scores for…
Provide systematic methodologies for leveraging Shodan as a reconnaissance tool during penetration testing engagements.
Normalize SKILL.md artifacts into Scheduling-Structural-Logical (SSL) JSON representations using a conservative multi-pass extraction pipeline.
Audits TLS/SSL configurations using sslyze Python library and SSL Labs API v3. Checks certificate chain validity, HSTS headers, and OCSP stapling status with Certificate…
Performs deep TLS certificate chain validation using OpenSSL and Certificate Transparency logs. Monitors expiration dates via the crt.sh API and checks OCSP responder status.
Validates SSL/TLS certificates using OpenSSL s_client, checks OCSP stapling status, and monitors expiry dates.
theHarvester is an open-source OSINT tool for gathering emails, subdomains, hosts, employee names, open ports, and banners from public sources.
Analyzes TLS certificate chains using OpenSSL s_client and the crt.sh Certificate Transparency API. Detects weak algorithms, expiring intermediates, and CT log compliance issues.
Validates TLS/SSL certificate chains using OpenSSL x509 verification and checks OCSP stapling status.
Expert skill for TLS/SSL implementation and certificate management. Generate and validate TLS configurations, create and manage X.509 certificates, analyze cipher suite security,…
使用 uncover 聚合查询网络空间搜索引擎。当需要从 Shodan/Censys/FOFA/Hunter/Quake/ZoomEye 等引擎快速发现暴露资产时使用。uncover 统一了多个搜索引擎的查询接口,一条命令查询多个引擎。任何涉及资产发现、互联网测绘、暴露面排查的场景都应使用此技能
Deep audit of a remote VPS running Docker, Coolify, and Traefik. Use when the user wants to check what containers are running, inspect Coolify services, review Traefik routes,…
Run local AI services on Windows — port binding, firewall, WSL2 networking, and common pitfalls.
Execute comprehensive network traffic analysis using Wireshark to capture, filter, and examine network packets for security investigations, performance optimization, and…
Analyse de trafic réseau avec Wireshark incluant capture, filtres, protocoles et diagnostic réseau. Se déclenche avec "Wireshark", "capture réseau", "analyse de trafic", "pcap",…
This skill should be used when the user asks about "AIR", "algebraic intermediate representation", "ZK constraints", "trace design", "constraint soundness", "polynomial…