Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
dariushoule
ملف منشئ GitHub

dariushoule

عرض على مستوى المستودعات لـ 24 skills مجمعة عبر 2 مستودعات GitHub.

skills مجمعة
24
مستودعات
2
محدث
2026-07-06
مستكشف المستودعات

المستودعات و skills الممثلة

hashcat
محللو أمن المعلومات

Offline password-hash cracking with hashcat on the host GPU, for authorized pentesting and CTF. Use to identify an unknown hash's type, pick the right hashcat mode, fetch a wordlist, and run a sensible wordlist→rules→mask attack ladder. Triggers on "help me crack this hash", "crack this hash", "crack this NTLM/NetNTLMv2/kerberoast/AS-REP hash", "what hashcat mode is this", "identify this hash", "hashcat", "crack the roast".

2026-07-06
linux-privesc
محللو أمن المعلومات

Linux local privilege escalation methodology for authorized pentesting and CTF — turn a foothold shell (often a low-priv/service account like www-data) into root. Use after landing any non-root shell on a Linux host and you need to escalate: enumerate the local attack surface (sudo, SUID/SGID, capabilities, cron/timers, writable files, internal root services, credential reuse, kernel) and exploit the weakest link. Triggers on "privesc", "privilege escalation", "I have a shell now what", "escalate to root", "get root", "I'm www-data", "root this box", "linpeas", "sudo -l", "SUID", "GTFOBins".

2026-07-06
browse
مطوّرو البرمجيات

Drive a real web browser as a companion to the operator during authorized pentesting/CTF — a host Chrome routed through the VPN that both the human and the agent can control over CDP (Playwright MCP). Use to explore a web app interactively, reproduce/poke at flows, enumerate authenticated areas after the operator logs in, capture network/console, and turn what's seen into recon/exploit leads. Triggers on "open a browser", "browse to", "drive the browser", "poke around the web app", "click through the app", "log in and explore", "look at this page in a browser", "use the browser".

2026-06-28
recon
محللو أمن المعلومات

Network, service, and web enumeration for authorized pentesting and CTF. Use when starting an engagement or CTF box and you need to map attack surface — discover open ports, fingerprint services, enumerate web apps, and triage what to attack first. Triggers on "recon", "enumerate", "scan", "what ports are open", "where do I start on this box/target".

2026-06-28
retro
المهن الحاسوبية الأخرى

Post-engagement retrospective that turns one run's operator↔agent interactions into durable improvements to this repo's skills, runbooks, and tooling. Use at the end of an engagement (after the work, ideally before teardown wipes scratch) to refine skills, extract runbooks, prune box-specific dead weight, propose new skills/tools, and fix the rough edges where the agent tripped. Proposal-first — produces a reviewed changeset the operator approves before anything is written. Triggers on "retro", "retrospective", "debrief", "post-mortem", "what did we learn", "improve the skills", "update the playbooks", "capture lessons", "tune the skills from this engagement".

2026-06-22
wordlists
محللو أمن المعلومات

Pick and fetch the right SecLists wordlist on demand for content discovery, fuzzing, subdomain/vhost enum, parameter mining, default-cred spraying, and payload injection (LFI/SSRF/SQLi/XSS), for authorized pentesting and CTF. Use when a fuzz/brute job needs a list the baked tool images don't already carry, or when choosing which list fits the task. Triggers on "which wordlist", "find a wordlist", "seclists", "content discovery list", "api wordlist", "parameter wordlist", "fuzz list", "pull down a wordlist", "bigger wordlist".

2026-06-22
cloud
محللو أمن المعلومات

Cloud-emulator and AWS-compatible-API attack methodology for authorized pentesting and CTF. Use when a target exposes an AWS-shaped API (LocalStack, moto, or a custom/look-alike mock), an instance metadata service (IMDS / 169.254.169.254) reachable via SSRF, or you hold cloud credentials and need to map principals, abuse a cloud service, and escalate. Triggers on "cloud", "AWS", "IMDS", "metadata service", "LocalStack", "moto", "S3/SQS/STS/IAM endpoint", "cloud creds", "instance profile", "I have an access key", "cloud-emulator box".

2026-06-22
vuln-research
محللو أمن المعلومات

CVE and public-exploit (PoC) research for authorized pentesting and CTF. Use after recon fingerprints a service/version to find known vulnerabilities and working exploits — GitHub PoCs, Exploit-DB, Metasploit modules — ranked by exploitability. Also sharpens web fingerprints (versions) before lookup. Triggers on "CVE", "known vulnerabilities", "vuln research", "vuln lookup", "exploits for <service>", "is X vulnerable", "public PoC", "searchsploit", "find exploits", "what can I exploit".

2026-06-21
عرض أهم 8 من أصل 16 skills مجمعة في هذا المستودع.
yara-sigs
محللو أمن المعلومات

Scan a state snapshot's memory dumps with YARA signatures to detect packers, crypto constants, malware, and more

2026-03-13
state-snapshot
مطوّرو البرمجيات

Capture a full debuggee state snapshot (all committed memory regions + processor state) to disk for offline analysis

2026-03-13
find-oep
محللو أمن المعلومات

Smart trace-based OEP finder for packed/protected PE executables. Traces through packer stubs using intelligent stepping, anti-debug evasion, and heuristic OEP detection, then captures a state snapshot at the original entry point.

2026-03-11
vuln-hunter
محللو أمن المعلومات

Hunt for vulnerabilities in a running debuggee by analyzing imports/exports, triaging attack surface, and iteratively testing for bugs with PoC generation.

2026-03-11
shellcode-analyzer
محللو أمن المعلومات

Load, unpack, and analyze shellcode in x64dbg. Use this skill when the user wants to analyze shellcode, load a shellcode blob into a debugger, unpack encoded/encrypted shellcode, or perform static/dynamic analysis of shellcode payloads.

2026-03-05
decompile
مطوّرو البرمجيات

Decompile a function to C-like pseudocode using angr

2026-02-12
state-diff
مطوّرو البرمجيات

Compare two state snapshots to identify register and memory changes between two points in time

2026-02-12
tracealyzer
مطوّرو البرمجيات

Trace execution (into or over calls) for N steps or until a condition, then analyze the recorded instruction log

2026-02-12
عرض 2 من أصل 2 مستودعات
تم تحميل كل المستودعات