Skip to main content
Manusで任意のスキルを実行
ワンクリックで
blacklanternsecurity
GitHub クリエイタープロフィール

blacklanternsecurity

1 件の GitHub リポジトリにある 80 件の収集済み skills をリポジトリ単位で表示します。

収集済み skills
80
リポジトリ
1
更新
2026-04-01
リポジトリマップ

skills がある場所

収集済み skill 数が多いリポジトリを、このクリエイターカタログ内の比率と職業範囲とともに表示します。

リポジトリエクスプローラー

リポジトリと代表的な skills

red-run-ctf
情報セキュリティアナリスト

Multi-phase penetration test orchestrator. Handles recon, assessment surface mapping, vulnerability chaining, and routes to technique skills for execution. Invoke via /red-run-ctf slash command only.

2026-04-01
acl-abuse
情報セキュリティアナリスト

Exploits misconfigured Active Directory ACLs for privilege escalation. Covers GenericAll, GenericWrite, WriteDACL, WriteOwner, ForceChangePassword, targeted Kerberoasting via SPN manipulation, shadow credentials (msDS-KeyCredentialLink → PKINIT), and AdminSDHolder persistence.

2026-03-30
adcs-persistence
情報セキュリティアナリスト

Establishes persistence and exploits weak certificate mapping in AD CS. Covers ESC9 (no security extension), ESC10 (weak certificate mapping), ESC12-15 (YubiHSM, issuance policy, altSecIdentities, application policies), Golden Certificate (forge with stolen CA key), certificate theft (DPAPI/CAPI/CNG), and account persistence via certificate mapping.

2026-03-30
auth-coercion-relay
情報セキュリティアナリスト

Forces remote systems to authenticate back to attacker-controlled listeners and relays captured authentication to escalate privileges or move laterally. Covers authentication coercion (PetitPotam, PrinterBug, DFSCoerce, ShadowCoerce, CheeseOunce), NTLM relay (ntlmrelayx to LDAP/SMB/AD CS/MSSQL), Kerberos relay (krbrelayx, mitm6), and name resolution poisoning (LLMNR/NBNS/WPAD via Responder).

2026-03-30
kerberos-roasting
情報セキュリティアナリスト

Extracts and cracks Kerberos service tickets (Kerberoasting) and AS-REP hashes (AS-REP Roasting) for offline password recovery.

2026-03-30
sccm-exploitation
情報セキュリティアナリスト

Enumerates and exploits Microsoft SCCM/MECM (System Center Configuration Manager / Microsoft Endpoint Configuration Manager) infrastructure for credential harvesting, lateral movement, and domain escalation. Covers SCCM enumeration (sccmhunter, SharpSCCM), Network Access Account (NAA) credential extraction (policy request, WMI DPAPI, WMI repository), management point NTLM relay to MSSQL (TAKEOVER1), client push relay (ELEVATE2), PXE boot media credential harvesting (CRED1), SCCM database credential extraction, application deployment for lateral movement, and SCCM share looting.

2026-03-30
red-run-legacy
情報セキュリティアナリスト

Legacy subagent-based orchestrator. Superseded by /red-run-ctf (agent teams). Use /red-run-legacy to invoke manually. Does not auto-trigger.

2026-03-30
credential-recovery
情報セキュリティアナリスト

Offline credential and file recovery with hashcat and john. Use when any skill captures hashes (NTLM, Kerberos TGS/AS-REP, shadow, MSCACHE2) or encrypted files (ZIP, Office, PDF, KeePass, SSH key, 7z, RAR). Trigger phrases: "recover this hash", "offline recovery", "john", "hashcat", "zip2john", "password-protected file". Do NOT use for online password attacks (spraying, brute force against services) — use password-spraying instead.

2026-03-30
このリポジトリの収集済み skills 80 件中、上位 8 件を表示しています。
1 件中 1 件のリポジトリを表示
すべてのリポジトリを表示しました