Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

pentest-skills

يحتوي pentest-skills على 11 من skills المجمعة من crazyMarky، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
11
Stars
249
محدث
2026-06-04
Forks
28
التغطية المهنية
2 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

exploit-lfi
محللو أمن المعلومات

本地文件包含 (LFI) 漏洞检测和利用工具。使用 curl、ffuf 等工具测试 LFI 漏洞,支持路径遍历、PHP 伪协议利用、日志投毒 RCE、敏感文件读取。当用户需要检测 LFI 漏洞、利用文件包含漏洞读取服务器文件时使用此技能。

2026-06-04
exploit-sqli
محللو أمن المعلومات

SQL injection detection and exploitation using sqlmap, manual techniques, and custom payloads. Use this skill when user needs to test for SQL injection vulnerabilities, extract database information, or exploit SQLi in parameters, headers, or cookies.

2026-06-04
pentest-report
محللو أمن المعلومات

按照标准格式生成渗透测试报告,包含项目信息表、漏洞发现清单、漏洞详情(含属性表、描述、复现步骤、证据截图、修复建议)、附录(风险等级定义、CVSS说明、词汇表)。当用户要求生成渗透测试报告、安全测试报告、漏洞报告时使用此技能。严格遵循项目模板目录中的标准格式。

2026-03-06
exploit-file-download
محللو أمن المعلومات

任意文件下载与本地文件包含 (LFI) 漏洞检测和利用工具。使用 curl、ffuf、wget 等工具测试文件下载漏洞,支持路径遍历、伪协议利用、敏感文件读取。当用户需要测试文件下载功能、检测 LFI 漏洞、读取服务器敏感文件时使用此技能。

2026-03-05
exploit-file-download
محللو أمن المعلومات

Arbitrary file download vulnerability detection and exploitation using path traversal techniques, bypass methods, and sensitive file discovery. Use this skill when user needs to test for file download vulnerabilities, path traversal, or read sensitive files on target systems.

2026-02-15
exploit-xss
محللو أمن المعلومات

Cross-site scripting (XSS) vulnerability detection and exploitation. Supports reflected XSS, stored XSS, DOM-based XSS, and blind XSS testing. Use this skill when user mentions XSS, cross-site scripting, script injection, or needs to test JavaScript injection in parameters, forms, headers, or DOM sources.

2026-02-15
recon-dir-scan
محللو أمن المعلومات

Directory and file enumeration using ffuf, gobuster, dirsearch, and feroxbuster. Use this skill when user needs to discover hidden directories, enumerate files, find backup files, or map application structure through path fuzzing.

2026-02-15
recon-fingerprint
محللو أمن المعلومات

Web fingerprinting and WAF detection using wafw00f, whatweb, nuclei, and httpx. Use this skill when user needs to identify web technologies, detect WAF/CDN, analyze server headers, or fingerprint web applications and frameworks.

2026-02-15
recon-port-scan
محللو أمن المعلومات

Port scanning and service identification using nmap, masscan, and rustscan. Use this skill when user needs to discover open ports, identify running services, detect service versions, or fingerprint operating systems on target hosts.

2026-02-15
recon-subdomain
محللو أمن المعلومات

Subdomain enumeration and DNS reconnaissance using subfinder, amass, dnsx, and other tools. Use this skill when user needs to discover subdomains, perform DNS enumeration, gather DNS records, or find hidden subdomains of a target domain.

2026-02-15
results-storage
مطوّرو البرمجيات

SQLite-based persistent storage and reporting system for penetration testing results. Use this skill when user needs to store scan results, query vulnerabilities, generate reports, or manage pentest data across sessions.

2026-02-15