Audit de sécurité complet pour les projets Supabase. Lance un pentest automatisé qui vérifie RLS, buckets, auth, keys exposées, et génère un rapport avec remediation.
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit…
System bottleneck identification and exploitation skill with throughput analysis and five focusing steps implementation
Phishing simulation campaign execution and analysis for security awareness assessment
Audits Solidity codebases for smart contract vulnerabilities using a four-phase workflow (cheatsheet loading, codebase sweep, deep validation, reporting) covering 36 vulnerability…
Build flawless Claude Code skills. Studies existing skills as reference, ensures correct format, and pushes for genuine intelligence — skills that exploit something specific about…
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security…
Porter 5 Forces + game-theory primer for a specific market — equilibrium prediction, response-game tree, exit scenarios. Routes to red-team-strategist agent.
Generate a runnable exploit-validation command (Nuclei template, Metasploit module hint, AI-assisted Python script, or curl-based PoC) against a user-specified authorised target.
Search for exploits across all vulnerabilities with filtering by ecosystem, severity, source, and EPSS
CISA + EU KEV (Known Exploited Vulnerabilities) catalog watch — pull recent KEV additions, intersect with installed dependencies, surface entries with imminent due dates.
Score durability across 7 moat types (network, switching, scale, brand, IP, data, regulatory) with 0–10 per moat + decay-rate forecast. Routes to red-team-strategist.
Knowledge router AND interactive teacher across every book-derived skill in this project. Two modes — (1) **ask**: auto-discovers all domain skills (finance, vuln hunting, AI…
Post-fix verification — re-scan the repo, gate on `--exploits weaponized --severity high`, recheck the specific CVE against the new installed version, write the verdict to…
Advanced binary exploitation and mitigation bypass
Exploit development automation using pwntools framework
Active Directory ACL 滥用攻击方法论。当 BloodHound 发现 GenericAll/WriteDACL/WriteOwner/GenericWrite/ForceChangePassword 等危险 ACE 时使用。覆盖 ACE 枚举、权限滥用链、Shadow Credentials、RBCD 攻击
Expert penetration tester specializing in ethical hacking, vulnerability assessment, and security testing.
A.I.G Scanner — AI security scanning for infrastructure, AI tools / skills, AI Agents, and LLM jailbreak evaluation via Tencent Zhuque Lab AI-Infra-Guard.
Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns,
Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.
Generates strategic attack trees and kill chains from reconnaissance data or domain input. Maps MITRE ATT&CK TTPs, identifies chaining opportunities, trust relationships, and…
Competitive intelligence engine that deconstructs competitor positioning, surfaces exploitable weaknesses, and predicts competitive responses.
Systematic departures from rational choice theory and their implications for economic analysis and policy.
Target-agnostic bug bounty hunting methodology with parallel recon, systematic testing workflows, and vulnerability-specific exploitation guidance
Builds a structured vulnerability scanning workflow using tools like Nessus, Qualys, and OpenVAS to discover,
Burp Suite integration. Manage data, records, and automate workflows. Use when the user wants to interact with Burp Suite data.
Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay,…
Extract and structure claims from discourse into analyzable argument maps with logical relationships and assumptions.
Apply CO7 Network Effects to exploit increasing value as user base or connections grow.
Systematically identify and win accounts from major freight brokers by exploiting their known vulnerabilities.
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting
Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access.
Exploit the 1M token context (Opus 4.6 / Sonnet 4.6) for full codebase awareness in SpecKit. Intelligently loads constitution, specs, skills, and codebase files while staying…
Autonomous penetration testing coordinator using ReAct methodology. Automatically activates when user provides a target IP or asks to start penetration testing.
Advanced password recovery and hash cracking tool supporting multiple algorithms and attack modes. Use when: (1) Performing authorized password auditing and security assessments,…
Provides AI and machine learning techniques for CTF challenges. Use when attacking ML models, crafting adversarial examples, performing model extraction, prompt injection,…
Binary exploitation (pwn) techniques for CTF challenges. Use when exploiting buffer overflows, format strings, heap vulnerabilities, race conditions, or kernel bugs.
Comprehensive academic advisor investigation and evaluation system for graduate school decisions. Investigates professors at any institution worldwide — searches publications…
Use when testing plans or decisions for blind spots, need adversarial review before launch, validating strategy against worst-case scenarios, building consensus through structured…
Guide méthodologique pour tests d'intrusion et évaluation de sécurité. À utiliser pour préparer ou conduire un pentest.
Executes authorized phishing simulation campaigns to assess an organization''s susceptibility to email-based
Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE),
Executes comprehensive red team exercises that simulate real-world adversary operations against an organization''s
Systematic methodology for developing reliable exploits from vulnerability discovery to weaponization
Develop working exploits using pwntools. Includes exploit template and common patterns.
Exploit researcher persona specializing in attack surface analysis, exploit scenario generation, and vulnerability chaining
Comprehensive knowledge about vulnerability exploitation and initial access. Provides expertise on finding and adapting exploits, adapting proof-of-concepts, gaining shells, and…
Tests APIs for injection vulnerabilities including SQL injection, NoSQL injection, OS command injection, LDAP
Discover and exploit broken link hijacking vulnerabilities by identifying references to expired domains, decommissioned
Exploit Kerberos Constrained Delegation misconfigurations in Active Directory to impersonate privileged users
Tests and exploits deep link (URL scheme and App Link) vulnerabilities in Android and iOS mobile applications
Tests APIs for excessive data exposure where endpoints return more data than the client application needs, relying
Identifies and exploits insecure local data storage vulnerabilities in Android and iOS mobile applications including
Identifies and exploits IPv6-specific vulnerabilities including SLAAC spoofing, Router Advertisement flooding,
Perform Kerberoasting attacks using Impacket's GetUserSPNs to extract and crack Kerberos TGS tickets for Active
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code