Skip to main content
Manus에서 모든 스킬 실행
원클릭으로
blacklanternsecurity
GitHub 제작자 프로필

blacklanternsecurity

1개 GitHub 저장소에서 수집된 80개 skills를 저장소 단위로 보여줍니다.

수집된 skills
80
저장소
1
업데이트
2026-04-01
저장소 지도

skills가 있는 위치

수집된 skill 수가 많은 주요 저장소와 이 제작자 카탈로그 내 비중, 직업 분포를 보여줍니다.

저장소 탐색

저장소와 대표 skills

red-run-ctf
정보 보안 분석가

Multi-phase penetration test orchestrator. Handles recon, assessment surface mapping, vulnerability chaining, and routes to technique skills for execution. Invoke via /red-run-ctf slash command only.

2026-04-01
acl-abuse
정보 보안 분석가

Exploits misconfigured Active Directory ACLs for privilege escalation. Covers GenericAll, GenericWrite, WriteDACL, WriteOwner, ForceChangePassword, targeted Kerberoasting via SPN manipulation, shadow credentials (msDS-KeyCredentialLink → PKINIT), and AdminSDHolder persistence.

2026-03-30
adcs-persistence
정보 보안 분석가

Establishes persistence and exploits weak certificate mapping in AD CS. Covers ESC9 (no security extension), ESC10 (weak certificate mapping), ESC12-15 (YubiHSM, issuance policy, altSecIdentities, application policies), Golden Certificate (forge with stolen CA key), certificate theft (DPAPI/CAPI/CNG), and account persistence via certificate mapping.

2026-03-30
auth-coercion-relay
정보 보안 분석가

Forces remote systems to authenticate back to attacker-controlled listeners and relays captured authentication to escalate privileges or move laterally. Covers authentication coercion (PetitPotam, PrinterBug, DFSCoerce, ShadowCoerce, CheeseOunce), NTLM relay (ntlmrelayx to LDAP/SMB/AD CS/MSSQL), Kerberos relay (krbrelayx, mitm6), and name resolution poisoning (LLMNR/NBNS/WPAD via Responder).

2026-03-30
kerberos-roasting
정보 보안 분석가

Extracts and cracks Kerberos service tickets (Kerberoasting) and AS-REP hashes (AS-REP Roasting) for offline password recovery.

2026-03-30
sccm-exploitation
정보 보안 분석가

Enumerates and exploits Microsoft SCCM/MECM (System Center Configuration Manager / Microsoft Endpoint Configuration Manager) infrastructure for credential harvesting, lateral movement, and domain escalation. Covers SCCM enumeration (sccmhunter, SharpSCCM), Network Access Account (NAA) credential extraction (policy request, WMI DPAPI, WMI repository), management point NTLM relay to MSSQL (TAKEOVER1), client push relay (ELEVATE2), PXE boot media credential harvesting (CRED1), SCCM database credential extraction, application deployment for lateral movement, and SCCM share looting.

2026-03-30
red-run-legacy
정보 보안 분석가

Legacy subagent-based orchestrator. Superseded by /red-run-ctf (agent teams). Use /red-run-legacy to invoke manually. Does not auto-trigger.

2026-03-30
credential-recovery
정보 보안 분석가

Offline credential and file recovery with hashcat and john. Use when any skill captures hashes (NTLM, Kerberos TGS/AS-REP, shadow, MSCACHE2) or encrypted files (ZIP, Office, PDF, KeePass, SSH key, 7z, RAR). Trigger phrases: "recover this hash", "offline recovery", "john", "hashcat", "zip2john", "password-protected file". Do NOT use for online password attacks (spraying, brute force against services) — use password-spraying instead.

2026-03-30
이 저장소에서 수집된 skills 80개 중 상위 8개를 표시합니다.
저장소 1개 중 1개 표시
모든 저장소를 표시했습니다