Skip to main content
Manus에서 모든 스킬 실행
원클릭으로
GitHub 저장소

pentest-skills

pentest-skills에는 crazyMarky에서 수집한 skills 11개가 있으며, 저장소 수준 직업 범위와 사이트 내 skill 상세 페이지를 제공합니다.

수집된 skills
11
Stars
249
업데이트
2026-06-04
Forks
28
직업 범위
직업 카테고리 2개 · 100% 분류됨
저장소 탐색

이 저장소의 skills

exploit-lfi
정보 보안 분석가

本地文件包含 (LFI) 漏洞检测和利用工具。使用 curl、ffuf 等工具测试 LFI 漏洞,支持路径遍历、PHP 伪协议利用、日志投毒 RCE、敏感文件读取。当用户需要检测 LFI 漏洞、利用文件包含漏洞读取服务器文件时使用此技能。

2026-06-04
exploit-sqli
정보 보안 분석가

SQL injection detection and exploitation using sqlmap, manual techniques, and custom payloads. Use this skill when user needs to test for SQL injection vulnerabilities, extract database information, or exploit SQLi in parameters, headers, or cookies.

2026-06-04
pentest-report
정보 보안 분석가

按照标准格式生成渗透测试报告,包含项目信息表、漏洞发现清单、漏洞详情(含属性表、描述、复现步骤、证据截图、修复建议)、附录(风险等级定义、CVSS说明、词汇表)。当用户要求生成渗透测试报告、安全测试报告、漏洞报告时使用此技能。严格遵循项目模板目录中的标准格式。

2026-03-06
exploit-file-download
정보 보안 분석가

任意文件下载与本地文件包含 (LFI) 漏洞检测和利用工具。使用 curl、ffuf、wget 等工具测试文件下载漏洞,支持路径遍历、伪协议利用、敏感文件读取。当用户需要测试文件下载功能、检测 LFI 漏洞、读取服务器敏感文件时使用此技能。

2026-03-05
exploit-file-download
정보 보안 분석가

Arbitrary file download vulnerability detection and exploitation using path traversal techniques, bypass methods, and sensitive file discovery. Use this skill when user needs to test for file download vulnerabilities, path traversal, or read sensitive files on target systems.

2026-02-15
exploit-xss
정보 보안 분석가

Cross-site scripting (XSS) vulnerability detection and exploitation. Supports reflected XSS, stored XSS, DOM-based XSS, and blind XSS testing. Use this skill when user mentions XSS, cross-site scripting, script injection, or needs to test JavaScript injection in parameters, forms, headers, or DOM sources.

2026-02-15
recon-dir-scan
정보 보안 분석가

Directory and file enumeration using ffuf, gobuster, dirsearch, and feroxbuster. Use this skill when user needs to discover hidden directories, enumerate files, find backup files, or map application structure through path fuzzing.

2026-02-15
recon-fingerprint
정보 보안 분석가

Web fingerprinting and WAF detection using wafw00f, whatweb, nuclei, and httpx. Use this skill when user needs to identify web technologies, detect WAF/CDN, analyze server headers, or fingerprint web applications and frameworks.

2026-02-15
recon-port-scan
정보 보안 분석가

Port scanning and service identification using nmap, masscan, and rustscan. Use this skill when user needs to discover open ports, identify running services, detect service versions, or fingerprint operating systems on target hosts.

2026-02-15
recon-subdomain
정보 보안 분석가

Subdomain enumeration and DNS reconnaissance using subfinder, amass, dnsx, and other tools. Use this skill when user needs to discover subdomains, perform DNS enumeration, gather DNS records, or find hidden subdomains of a target domain.

2026-02-15
results-storage
소프트웨어 개발자

SQLite-based persistent storage and reporting system for penetration testing results. Use this skill when user needs to store scan results, query vulnerabilities, generate reports, or manage pentest data across sessions.

2026-02-15