Skip to main content
Run any Skill in Manus
with one click
GitHub repository

homeLab

homeLab contains 13 collected skills from OmarElsahragty, with repository-level occupation coverage and site-owned skill detail pages.

skills collected
13
Stars
2
updated
2026-04-09
Forks
0
Occupation coverage
1 occupation categories · 100% classified
repository explorer

Skills in this repository

pentest-active-directory
information-security-analysts

Active Directory penetration testing — BloodHound enumeration, Kerberoasting, AS-REP Roasting, lateral movement, DCSync, Pass-the-Hash, domain privilege escalation. Use when target network has Windows domain controllers.

2026-04-09
pentest-cloud
information-security-analysts

Cloud security testing — AWS/Azure/GCP asset discovery, S3 public bucket enumeration, SSRF-to-metadata credential theft, IAM abuse, Kubernetes/container escape, secret scanning in repos, and automated misconfiguration auditing for authorized engagements.

2026-04-09
pentest-cve-scanner
information-security-analysts

Automated CVE and misconfiguration scanning using Nuclei — Project Discovery's template-based vulnerability scanner. Covers 10,000+ CVEs, misconfigurations, exposed panels, default credentials, and more. Combine with nmap for full coverage.

2026-04-09
pentest-email
information-security-analysts

Email security testing — SMTP relay, open relay detection, user enumeration via VRFY/RCPT/EXPN, SPF/DKIM/DMARC auditing, email spoofing tests, IMAP/POP3 brute force, phishing simulation setup, and mail server misconfiguration for authorized engagements.

2026-04-09
pentest-exploit
information-security-analysts

Exploitation tool reference covering Metasploit Framework (msfconsole, msfvenom), searchsploit (ExploitDB), and on-demand tools (crackmapexec/netexec, impacket, evil-winrm, responder, BeEF, SET). Use during the exploitation phase of a penetration test after vulnerabilities have been identified.

2026-04-09
pentest-network
information-security-analysts

Network analysis, traffic capture, and MITM tool reference. Covers tshark/tcpdump (packet capture), hping3 (packet crafting), netcat/socat (connections), and on-demand tools (bettercap, ettercap, responder). Use for network traffic analysis, protocol inspection, and man-in-the-middle testing.

2026-04-09
pentest-osint
information-security-analysts

Passive OSINT (Open-Source Intelligence) gathering — domain enumeration, subdomain discovery, email harvesting, DNS analysis, WHOIS, Shodan queries, infrastructure mapping. Used at the START of every engagement.

2026-04-09
pentest-passwords
information-security-analysts

Password attack tool reference covering hydra (network brute-forcing), john the ripper (hash cracking), hashcat (GPU-accelerated cracking), and supporting tools (cewl, crunch, hash-identifier). Use during authentication testing and credential attacks in a penetration test.

2026-04-09
pentest-post-exploit
information-security-analysts

Post-exploitation and privilege escalation tool reference. Covers proxychains4 (pivoting), smbclient (file access), socat/netcat (relays), and on-demand tools (linpeas, chisel, ligolo-ng, pspy, mimikatz concepts). Use after gaining initial access to escalate privileges and move laterally.

2026-04-09
pentest-recon
information-security-analysts

Reconnaissance and information gathering tool reference. Covers nmap (port scanning, service detection, NSE scripts), whatweb, enum4linux, nbtscan, whois, dig, and on-demand tools (masscan, recon-ng, theHarvester, fierce, dnsenum, amass, subfinder). Use for any recon phase of a penetration test.

2026-04-09
pentest-social-media
information-security-analysts

Social media OSINT, username enumeration across 400-2500+ platforms, email-to-account mapping, account security testing, OAuth/SSO weakness analysis, and social engineering recon for authorized engagements.

2026-04-09
pentest-web
information-security-analysts

Web application penetration testing tool reference. Covers sqlmap (SQL injection), nikto (web scanner), gobuster/dirb (directory brute-forcing), wfuzz (fuzzing), commix (command injection), and on-demand tools (ffuf, feroxbuster, wpscan, nuclei, OWASP ZAP, XSStrike). Use for web app vulnerability scanning and exploitation.

2026-04-09
pentest-wifi
information-security-analysts

WiFi penetration testing with the aircrack-ng suite. Covers monitor mode setup, network discovery, WPA/WPA2 handshake capture, deauthentication attacks, WEP cracking, PMKID attacks, and password cracking with aircrack-ng and hashcat.

2026-04-09