Skip to main content
Execute qualquer Skill no Manus
com um clique
blacklanternsecurity
Perfil de criador do GitHub

blacklanternsecurity

Visão por repositório de 80 skills coletadas em 1 repositórios do GitHub.

skills coletadas
80
repositórios
1
atualizado
2026-04-01
mapa de repositórios

Onde as skills estão

Principais repositórios por número de skills coletadas, com sua participação neste catálogo do criador e sua distribuição ocupacional.

explorador de repositórios

Repositórios e skills representativas

red-run-ctf
Analistas de segurança da informação

Multi-phase penetration test orchestrator. Handles recon, assessment surface mapping, vulnerability chaining, and routes to technique skills for execution. Invoke via /red-run-ctf slash command only.

2026-04-01
acl-abuse
Analistas de segurança da informação

Exploits misconfigured Active Directory ACLs for privilege escalation. Covers GenericAll, GenericWrite, WriteDACL, WriteOwner, ForceChangePassword, targeted Kerberoasting via SPN manipulation, shadow credentials (msDS-KeyCredentialLink → PKINIT), and AdminSDHolder persistence.

2026-03-30
adcs-persistence
Analistas de segurança da informação

Establishes persistence and exploits weak certificate mapping in AD CS. Covers ESC9 (no security extension), ESC10 (weak certificate mapping), ESC12-15 (YubiHSM, issuance policy, altSecIdentities, application policies), Golden Certificate (forge with stolen CA key), certificate theft (DPAPI/CAPI/CNG), and account persistence via certificate mapping.

2026-03-30
auth-coercion-relay
Analistas de segurança da informação

Forces remote systems to authenticate back to attacker-controlled listeners and relays captured authentication to escalate privileges or move laterally. Covers authentication coercion (PetitPotam, PrinterBug, DFSCoerce, ShadowCoerce, CheeseOunce), NTLM relay (ntlmrelayx to LDAP/SMB/AD CS/MSSQL), Kerberos relay (krbrelayx, mitm6), and name resolution poisoning (LLMNR/NBNS/WPAD via Responder).

2026-03-30
kerberos-roasting
Analistas de segurança da informação

Extracts and cracks Kerberos service tickets (Kerberoasting) and AS-REP hashes (AS-REP Roasting) for offline password recovery.

2026-03-30
sccm-exploitation
Analistas de segurança da informação

Enumerates and exploits Microsoft SCCM/MECM (System Center Configuration Manager / Microsoft Endpoint Configuration Manager) infrastructure for credential harvesting, lateral movement, and domain escalation. Covers SCCM enumeration (sccmhunter, SharpSCCM), Network Access Account (NAA) credential extraction (policy request, WMI DPAPI, WMI repository), management point NTLM relay to MSSQL (TAKEOVER1), client push relay (ELEVATE2), PXE boot media credential harvesting (CRED1), SCCM database credential extraction, application deployment for lateral movement, and SCCM share looting.

2026-03-30
red-run-legacy
Analistas de segurança da informação

Legacy subagent-based orchestrator. Superseded by /red-run-ctf (agent teams). Use /red-run-legacy to invoke manually. Does not auto-trigger.

2026-03-30
credential-recovery
Analistas de segurança da informação

Offline credential and file recovery with hashcat and john. Use when any skill captures hashes (NTLM, Kerberos TGS/AS-REP, shadow, MSCACHE2) or encrypted files (ZIP, Office, PDF, KeePass, SSH key, 7z, RAR). Trigger phrases: "recover this hash", "offline recovery", "john", "hashcat", "zip2john", "password-protected file". Do NOT use for online password attacks (spraying, brute force against services) — use password-spraying instead.

2026-03-30
Mostrando as 8 principais de 80 skills coletadas neste repositório.
Mostrando 1 de 1 repositórios
Todos os repositórios foram exibidos