Skip to main content
Ejecuta cualquier Skill en Manus
con un clic
Repositorio de GitHub

recon-skills

recon-skills contiene 129 skills recopiladas de uphiago, con cobertura ocupacional por repositorio y páginas de detalle dentro del sitio.

skills recopiladas
129
Stars
560
actualizado
2026-07-02
Forks
104
Cobertura ocupacional
4 categorías ocupacionales · 60% clasificado
explorador de repositorios

Skills en este repositorio

saml-sso-attack
sin clasificar

Attack SAML SSO via XSW, signature strip, metadata extract.

2026-07-02
cross-attack-chains
sin clasificar

Chain multiple vulns into critical impact attack paths.

2026-07-02
wordpress-full-compromise
sin clasificar

Execute optimal kill chains for WordPress full compromise.

2026-07-02
docker-privesc
sin clasificar

Escape Docker containers to host root via 5 techniques.

2026-07-02
attack-patterns-reference
sin clasificar

Catalog: 25 attacks, 18 WP, 8 CORS to match findings.

2026-07-02
pentest-playbook
sin clasificar

7-phase pentest pipeline from passive recon to exploitation.

2026-07-02
recon-playbook
sin clasificar

4-phase pipeline for max findings per minute across batches.

2026-07-02
sector-recon-methodology
sin clasificar

Pick sectors, compile targets, batch recon for campaigns.

2026-07-02
api-noauth-hunt
sin clasificar

Exploit no-auth APIs for data theft and CRUD via probes.

2026-07-02
cache-attack
sin clasificar

Poison CDN cache or deceive when X-Cache header is detected.

2026-07-02
cors-credential-wordpress
sin clasificar

Exploit WP CORS credential reflection for data theft.

2026-07-02
deep-invade
sin clasificar

Deep pentest WP: SSRF, plugin CVE, JS mine, port scan chain.

2026-07-02
error-log-mining
sin clasificar

Mine error_log for creds, paths, SQL when leak hunt finds.

2026-07-02
exchange-owa-attack
sin clasificar

Exchange/OWA NTLM AD leak, spray attack when mail subdomain.

2026-07-02
firebase-supabase-attack
sin clasificar

Exploit Firebase/Supabase for data via JS config leak probe.

2026-07-02
gitlab-public-recon
sin clasificar

Mine GitLab for secrets, CI tokens when subdomain found.

2026-07-02
hardcoded-credential-hunt
sin clasificar

Detect hardcoded passwords in HTML forms, JavaScript, and API responses.

2026-07-02
http2-header-impersonation
sin clasificar

Spoof HTTP/2 SETTINGS frames and pseudo-header order per browser profile.

2026-07-02
humanize-automation
sin clasificar

Human-like mouse, keyboard and scroll behavior for behavioral bot bypass.

2026-07-02
iot-camera-recon
sin clasificar

Attack cameras via RTSP, ONVIF, Axis config when 554 open.

2026-07-02
jwt-attack
sin clasificar

Decode, forge, brute JWTs when Bearer auth header is seen.

2026-07-02
llm-prompt-injection
sin clasificar

LLM prompt injection / system prompt extraction — 40+ technique catalog against hardened GPT-4o-class deployments. Covers direct/indirect/agentic attacks, encoding bypasses, delimiter smuggling, boolean extraction, positional enumeration, RAG poisoning, guardian-model defense patterns, and real-world cases (GeminiJack, EchoLeak, Reprompt).

2026-07-02
phpinfo-to-rce
sin clasificar

Chain phpinfo to RCE via exec check when info.php exposed.

2026-07-02
port-mass-scan
sin clasificar

Port scan /8-/24 with Masscan+RustScan and nmap banners.

2026-07-02
port-service-discovery
sin clasificar

Nmap scan for MySQL, Redis, FTP, SSH, internal API services.

2026-07-02
s3-minio-content-type-xss
sin clasificar

Exploit public bucket Content-Type override for stored XSS on target origin.

2026-07-02
scada-hikvision-isapi
sin clasificar

Enumerate Hikvision ISAPI endpoints on SCADA and IoT web interfaces.

2026-07-02
source-leak-hunt
sin clasificar

Mass scan for exposed env files, backups, and git configs.

2026-07-02
staging-subdomain-hunt
sin clasificar

Hunt staging via crt.sh when production is WAF-hardened.

2026-07-02
stealth-browser-launch
sin clasificar

Launch stealth Chromium with C++ fingerprint patches for anti-bot bypass.

2026-07-02
subdomain-enumeration
sin clasificar

Map subdomains via crt.sh and subfinder at recon kickoff.

2026-07-02
tls-fingerprint-impersonation
sin clasificar

Spoof TLS ClientHello and JA4 fingerprints for browser impersonation.

2026-07-02
unauth-api-flow-hijack
sin clasificar

Exploit unauthenticated multi-step API flows without credentials.

2026-07-02
wordpress-plugin-hunt
sin clasificar

Hunt WP plugins via REST, exploit CVEs when version known.

2026-07-02
wp-mass-recon
sin clasificar

Batch WP recon: users, CORS, XMLRPC, leaks across domains.

2026-07-02
wp-plugin-rest-auth-bypass
sin clasificar

Scan WordPress REST API plugin endpoints for unauthenticated state-changing operations — discover write endpoints (POST/PUT/PATCH/DELETE) exposed without auth, enumerate all plugin routes, and test for unauthorized content publishing, settings modification, and data leakage.

2026-07-02
xmlrpc-exploitation
sin clasificar

Exploit XMLRPC multicall, pingback for brute force and SSRF.

2026-07-02
zimbra-attack
sin clasificar

Zimbra SOAP user enum, CVE-2022-37042, SSRF when webmail.

2026-07-02
parallel-recon-triad
sin clasificar

Set up and manage self-improving parallel reconnaissance agent triads — eternal overlapping waves of deep invasion, target expansion, and skill evolution. Covers the full lifecycle: spawning parallel subagents, cron orchestration, documentation structure, sector-based US target methodology, and the self-improvement feedback loop that makes the system smarter over time.

2026-07-02
cross-wave-delta-analysis
sin clasificar

Compare recon waves to find NEW, REGRESSED, PERSISTENT findings.

2026-07-02
Mostrando las 40 principales de 129 skills recopiladas en este repositorio.