Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

homeLab

homeLab contient 13 skills collectées depuis OmarElsahragty, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
13
Stars
2
mis à jour
2026-04-09
Forks
0
Couverture métier
1 catégories métier · 100% classifié
explorateur de dépôts

Skills dans ce dépôt

pentest-active-directory
Analystes en sécurité de l'information

Active Directory penetration testing — BloodHound enumeration, Kerberoasting, AS-REP Roasting, lateral movement, DCSync, Pass-the-Hash, domain privilege escalation. Use when target network has Windows domain controllers.

2026-04-09
pentest-cloud
Analystes en sécurité de l'information

Cloud security testing — AWS/Azure/GCP asset discovery, S3 public bucket enumeration, SSRF-to-metadata credential theft, IAM abuse, Kubernetes/container escape, secret scanning in repos, and automated misconfiguration auditing for authorized engagements.

2026-04-09
pentest-cve-scanner
Analystes en sécurité de l'information

Automated CVE and misconfiguration scanning using Nuclei — Project Discovery's template-based vulnerability scanner. Covers 10,000+ CVEs, misconfigurations, exposed panels, default credentials, and more. Combine with nmap for full coverage.

2026-04-09
pentest-email
Analystes en sécurité de l'information

Email security testing — SMTP relay, open relay detection, user enumeration via VRFY/RCPT/EXPN, SPF/DKIM/DMARC auditing, email spoofing tests, IMAP/POP3 brute force, phishing simulation setup, and mail server misconfiguration for authorized engagements.

2026-04-09
pentest-exploit
Analystes en sécurité de l'information

Exploitation tool reference covering Metasploit Framework (msfconsole, msfvenom), searchsploit (ExploitDB), and on-demand tools (crackmapexec/netexec, impacket, evil-winrm, responder, BeEF, SET). Use during the exploitation phase of a penetration test after vulnerabilities have been identified.

2026-04-09
pentest-network
Analystes en sécurité de l'information

Network analysis, traffic capture, and MITM tool reference. Covers tshark/tcpdump (packet capture), hping3 (packet crafting), netcat/socat (connections), and on-demand tools (bettercap, ettercap, responder). Use for network traffic analysis, protocol inspection, and man-in-the-middle testing.

2026-04-09
pentest-osint
Analystes en sécurité de l'information

Passive OSINT (Open-Source Intelligence) gathering — domain enumeration, subdomain discovery, email harvesting, DNS analysis, WHOIS, Shodan queries, infrastructure mapping. Used at the START of every engagement.

2026-04-09
pentest-passwords
Analystes en sécurité de l'information

Password attack tool reference covering hydra (network brute-forcing), john the ripper (hash cracking), hashcat (GPU-accelerated cracking), and supporting tools (cewl, crunch, hash-identifier). Use during authentication testing and credential attacks in a penetration test.

2026-04-09
pentest-post-exploit
Analystes en sécurité de l'information

Post-exploitation and privilege escalation tool reference. Covers proxychains4 (pivoting), smbclient (file access), socat/netcat (relays), and on-demand tools (linpeas, chisel, ligolo-ng, pspy, mimikatz concepts). Use after gaining initial access to escalate privileges and move laterally.

2026-04-09
pentest-recon
Analystes en sécurité de l'information

Reconnaissance and information gathering tool reference. Covers nmap (port scanning, service detection, NSE scripts), whatweb, enum4linux, nbtscan, whois, dig, and on-demand tools (masscan, recon-ng, theHarvester, fierce, dnsenum, amass, subfinder). Use for any recon phase of a penetration test.

2026-04-09
pentest-social-media
Analystes en sécurité de l'information

Social media OSINT, username enumeration across 400-2500+ platforms, email-to-account mapping, account security testing, OAuth/SSO weakness analysis, and social engineering recon for authorized engagements.

2026-04-09
pentest-web
Analystes en sécurité de l'information

Web application penetration testing tool reference. Covers sqlmap (SQL injection), nikto (web scanner), gobuster/dirb (directory brute-forcing), wfuzz (fuzzing), commix (command injection), and on-demand tools (ffuf, feroxbuster, wpscan, nuclei, OWASP ZAP, XSStrike). Use for web app vulnerability scanning and exploitation.

2026-04-09
pentest-wifi
Analystes en sécurité de l'information

WiFi penetration testing with the aircrack-ng suite. Covers monitor mode setup, network discovery, WPA/WPA2 handshake capture, deauthentication attacks, WEP cracking, PMKID attacks, and password cracking with aircrack-ng and hashcat.

2026-04-09