Skip to main content
Execute qualquer Skill no Manus
com um clique
Repositório GitHub

llm_rules_tk

llm_rules_tk contém 21 skills coletadas de cwrricio, com cobertura ocupacional por repositório e páginas de detalhe dentro do site.

skills coletadas
21
Stars
2
atualizado
2026-05-15
Forks
0
Cobertura ocupacional
2 categorias ocupacionais · 100% classificado
explorador de repositórios

Skills neste repositório

snort-rule-generation
Analistas de segurança da informação

Generate Snort 3.9.7.0 IDS rules from a natural-language operator intent. Use whenever you need to write a new rule, refine an existing one, or recover from a syntax error.

2026-05-15
validated-rules-library
Analistas de segurança da informação

Reuse Snort rules that already fired in past experiments. ALWAYS consult this skill at the start of every cycle BEFORE writing a new rule. Validated rules are known-good detection patterns persisted per attack_id under data/validated_rules/.

2026-05-15
evasion-variants
Analistas de segurança da informação

How to produce an evasion variant of a previously successful attack. Use this when request_variant=True on the attacker request.

2026-05-14
attack-execution
Analistas de segurança da informação

How to execute the selected attack container on the attacker host and interpret the result.

2026-05-14
attack-selection
Analistas de segurança da informação

How to map an operator intent to one of the attacks discovered on the attacker host. Use this before calling execute_attack.

2026-05-14
mqtt-bruteforce
Analistas de segurança da informação

Rule-generation refinement playbook for MQTT Brute Force — credential brute force against MQTT brokers on TCP port 1883 using dictionary attacks. Load when the operator intent maps to attack_id mqtt-bruteforce.

2026-05-14
mqtt-lwt-abuse
Analistas de segurança da informação

Rule-generation refinement playbook for MQTT LWT Abuse — abuse of MQTT Last Will and Testament to publish malicious payloads under the broker's trusted identity. Load when the operator intent maps to attack_id mqtt-lwt-abuse.

2026-05-14
mqtt-publisher-flood
Analistas de segurança da informação

Rule-generation refinement playbook for MQTT Publisher Flood — PUBLISH flood saturating broker memory, bandwidth, and subscriber processing pipelines. Load when the operator intent maps to attack_id mqtt-publisher-flood.

2026-05-14
mqtt-qos-amplification
Analistas de segurança da informação

Rule-generation refinement playbook for MQTT QoS Amplification — memory amplification by leaving QoS 2 handshakes incomplete (PUBLISH/PUBREC, no PUBREL). Load when the operator intent maps to attack_id mqtt-qos-amplification.

2026-05-14
xrce-dds-entity-flood
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS Entity Flood — exhaustion of the XRCE-DDS Agent object tables by creating thousands of Participant/Topic/Publisher/DataWriter entities. Load when the operator intent maps to attack_id xrce-dds-entity-flood.

2026-05-14
xrce-dds-fragment-abuse
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS Fragment Abuse — abuse of RTPS DATA_FRAG reassembly with incomplete, overlapping or flood fragments. Load when the operator intent maps to attack_id xrce-dds-fragment-abuse.

2026-05-14
xrce-dds-malformed-inject
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS Malformed Inject — injection of malformed XCDR payloads into an established session targeting the Micro CDR deserializer. Load when the operator intent maps to attack_id xrce-dds-malformed-inject.

2026-05-14
xrce-dds-session-hijack
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS Session Hijack — brute force of hardcoded XRCE client_key values to hijack legitimate sessions. Load when the operator intent maps to attack_id xrce-dds-session-hijack.

2026-05-14
xrce-dds-time-desync
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS Time Desync — desynchronization of the client/agent clock via manipulated time_offset, corrupting sensor timestamps. Load when the operator intent maps to attack_id xrce-dds-time-desync.

2026-05-14
xrce-dds-udp-dos
Analistas de segurança da informação

Rule-generation refinement playbook for XRCE-DDS UDP DoS — UDP flood targeting the XRCE-DDS Agent on port 8888 using uxr_ping_agent_attempts(). Load when the operator intent maps to attack_id xrce-dds-udp-dos.

2026-05-14
alert-interpretation
Analistas de segurança da informação

How to check the IDS alert log after an attack and decide whether the rule converged or needs refinement.

2026-05-14
iteration-recording
Cientistas de dados

How and when to persist a rule attempt to the experiment record (metrics.csv and experiment.json).

2026-05-14
rule-deployment
Analistas de segurança da informação

How to assign a SID and deploy a validated Snort rule to the live IDS via the assign_sid and deploy_rule tools.

2026-05-14
rule-validation-workflow
Analistas de segurança da informação

How to validate a candidate Snort rule against the live IDS before deployment, interpret the result, and recover from syntax errors.

2026-05-14
attack-destinations
Analistas de segurança da informação

Hard rule about fixed attack destinations (IP and port). Read this before generating rules or planning attacks.

2026-05-14
experiment-cycle
Cientistas de dados

The shared protocol for one variant cycle in a Rules Farmer experiment. Read this before starting any cycle.

2026-05-14