원클릭으로
hackthebox
HackTheBox platform operations and automations to solve challenges, machines and capture the flags hacking competitions
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
HackTheBox platform operations and automations to solve challenges, machines and capture the flags hacking competitions
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Threat Intelligence Report Design System — ReportLab-based PDF generation for A4 reports with Transilience branding, typography, and layout standards.
Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.
Cloud and container security testing - AWS, Azure, GCP, Docker, and Kubernetes misconfigurations and exploitation.
Detect and break the cloud post-compromise attack chain (AWS / Azure / GCP) — per-stage CloudTrail / Activity-Log / Audit-Log detection signals and the preventive controls that close each step. Use for cloud detection engineering, hardening, remediation write-ups, or blue-team posture review of the lateral-movement -> privilege-escalation -> exfiltration -> evasion chain.
Injection vulnerability testing - SQL, NoSQL, OS Command, SSTI, XXE, and LDAP/XPath injection techniques.
Mobile application security testing — Android (smali, Frida, IL2CPP, Flutter AOT, React Native/Hermes, root detection), iOS (jailbreak, Objection).
| name | hackthebox |
| description | HackTheBox platform operations and automations to solve challenges, machines and capture the flags hacking competitions |
| context | fork |
python3 .claude/tools/env-reader.py HTB_USER HTB_PASS HTB_TOKEN ANTHROPIC_API_KEY SLACK_BOT_TOKEN HTB_SLACK_CHANNEL_IDmkdir -p YYMMDD_<name>/{recon,findings,logs,artifacts,tools,reports} for each challenge. Do not seed attack-chain.md or experiments.md from the orchestrator — those are the coordinator subagent's first action (see skills/coordination/reference/spawning-recipes.md).Agent(name="coordinator-{tag}", run_in_background=True, ...) per spawning-recipes.md. Never run the P0-P6 coordinator workflow inline in the orchestrator session — the bookkeeping discipline (attack-chain.md, experiments.md, goal_attempts counting, mandatory skeptic at experiments 5/15/25) requires the subagent boundary. Max N concurrent agents, queue-based spawning./skill-update + Slack after each coordinator returns its PHASE3_SUMMARY (see workflow.md step 8)