ワンクリックで
osint-recon
Open-source intelligence gathering on people, organizations, and domains via public sources and historical records.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Open-source intelligence gathering on people, organizations, and domains via public sources and historical records.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Cloud infrastructure, container image, and Kubernetes security assessment via IAM review, secrets detection, and RBAC analysis.
Exploit lookup, payload generation, and delivery for confirmed vulnerabilities. Use only after validation has established concrete attack path.
Curated MCP prompts for multi-step attack chains and engagement playbooks. Use for guided workflows spanning multiple skills. Each prompt step now carries expected_time, priority, fallback, and result_context for agent-guided execution.
SMB service enumeration, share discovery, and RPC interrogation on Windows networks. Use to map Windows hosts before credential testing or lateral movement.
Wireless network assessment via monitor mode, handshake capture, and de-authentication testing. Use to assess WiFi security posture and crack WPA/WPA2.
Network reconnaissance via host discovery, port scanning, and service fingerprinting. Use during early reconnaissance phase to map attack surface and identify services.
| name | osint-recon |
| description | Open-source intelligence gathering on people, organizations, and domains via public sources and historical records. |
Use this skill for pre-engagement recon using only public sources:
Passive-only prevents triggering monitoring:
sherlock or bbot (username search across platforms)theharvester (Google/Shodan/Censys dorks)wayback_urls (archived pages), SSL cert historyvalidate_email to confirm working addresses without probingsubdomain-enum, then web-reconEntry point:
sherlock(username="targetuser", verbose=False)
subdomain-enum for asset discovery