Loading...
Loading...
Found 39 Skills
Use when challenging ideas, plans, decisions, or proposals using structured critical reasoning. Invoke to play devil's advocate, run a pre-mortem, red team, or audit evidence and assumptions.
Linux security mechanism bypass playbook. Use when facing restricted bash/rbash, read-only or noexec filesystems, AppArmor, SELinux, seccomp filters, or audit logging that must be evaded during post-exploitation.
Windows lateral movement playbook. Use when pivoting between Windows hosts via PsExec, WMI, WinRM, DCOM, RDP, pass-the-hash, overpass-the-hash, or pass-the-ticket techniques.
macOS security bypass playbook. Use when targeting macOS endpoints and need to bypass TCC, Gatekeeper, SIP, sandbox, code signing, or entitlement-based protections during authorized red team or pentest engagements.
Analyze arguments, detect biases, evaluate claims, and improve reasoning. Use when asked to fact-check, identify logical fallacies, evaluate arguments, analyze predictions, find root causes, or think adversarially about plans. Triggers include "evaluate this argument", "logical fallacies", "fact check", "analyze the claims", "identify biases", "devil's advocate", "red team this", "root cause".
Think and act like an attacker to identify security vulnerabilities, weaknesses, and penetration vectors through adversarial security testing
Kerberos attack playbook for Active Directory. Use when targeting AD authentication via AS-REP roasting, Kerberoasting, golden/silver/diamond tickets, delegation abuse, or pass-the-ticket attacks.
LLM prompt testing, evaluation, and CI/CD quality gates using Promptfoo. Invoke when: - Setting up prompt evaluation or regression testing - Integrating LLM testing into CI/CD pipelines - Configuring security testing (red teaming, jailbreaks) - Comparing prompt or model performance - Building evaluation suites for RAG, factuality, or safety Keywords: promptfoo, llm evaluation, prompt testing, red team, CI/CD, regression testing
(Industry standard: Loop Agent / Single Agent) Primary Use Case: Self-contained research, content generation, and exploration where no inner delegation is required. Self-directed research and knowledge capture loop. Use when: starting a session (Orientation), performing research (Synthesis), or closing a session (Seal, Persist, Retrospective). Ensures knowledge survives across isolated agent sessions.
Comprehensively evaluate the overall security of an application from two perspectives: attackers (Red Team) and defenders (Blue Team). Run two agents in parallel → output an integrated report via review-aggregator. Use this when you want to "understand the overall security status of the application", "identify vulnerabilities from an attacker's perspective", or "verify that there are no gaps in the defense system". Use security-hardening for addressing specific vulnerabilities, and security-audit-quick for fast detection of known patterns.
Build and configure a resilient command-and-control infrastructure using BishopFox's Sliver C2 framework with redirectors, HTTPS listeners, and multi-operator support for authorized red team engagements.
Search and retrieve pentesting, red teaming, and security research information from the HackTricks wiki (book.hacktricks.wiki). Use for payloads, methodologies, bypasses, and edge-case behaviors across web, network, cloud, and application security topics.