Loading...
Loading...
Found 47 Skills
Points to Michał Zalewski’s (lcamtuf) canonical American Fuzzy Lop (AFL) documentation at lcamtuf.coredump.cx/afl—coverage-guided fuzzing concepts, afl-fuzz usage, and historical technical notes for C/C++ targets. Use when the user cites AFL classic, lcamtuf’s AFL page, or needs the original upstream reference—not as a substitute for current AFL++ docs or authorized fuzzing policy.
Guidelines for building Python cybersecurity tools with secure coding practices, async scanning, and structured security testing.
Test skill containing EICAR test file for malware detection
This skill provides guidance for cracking 7z archive password hashes. It should be used when tasked with recovering passwords from 7z encrypted archives, extracting and cracking 7z hashes, or working with password-protected 7z files in CTF challenges, security testing, or authorized recovery scenarios.
Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
Ethical hacking and security testing methodologies using penetration testing tools, exploit frameworks, and manual security validation. Use when assessing application security posture and identifying exploitable vulnerabilities.
文件上传漏洞测试的专业技能和方法论
Operate the Prelude Security platform CLI for continuous security testing (Detect) and endpoint posture monitoring (SCM). Manages endpoints, schedules tests, evaluates security control policies, integrates with EDR/XDR partners, and generates reports. Use when working with the `prelude` CLI or managing security infrastructure.
System exploitation testing - Active Directory attacks, privilege escalation (Linux/Windows), and exploit development.
Bright Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Bright Security data.
Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-specific code.
Эксперт по защите от SQL injection. Используй для parameterized queries, input validation и database security.