Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

llm_rules_tk

llm_rules_tk 收录了来自 cwrricio 的 21 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
21
Stars
2
更新
2026-05-15
Forks
0
职业覆盖
2 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

snort-rule-generation
信息安全分析师

Generate Snort 3.9.7.0 IDS rules from a natural-language operator intent. Use whenever you need to write a new rule, refine an existing one, or recover from a syntax error.

2026-05-15
validated-rules-library
信息安全分析师

Reuse Snort rules that already fired in past experiments. ALWAYS consult this skill at the start of every cycle BEFORE writing a new rule. Validated rules are known-good detection patterns persisted per attack_id under data/validated_rules/.

2026-05-15
evasion-variants
信息安全分析师

How to produce an evasion variant of a previously successful attack. Use this when request_variant=True on the attacker request.

2026-05-14
attack-execution
信息安全分析师

How to execute the selected attack container on the attacker host and interpret the result.

2026-05-14
attack-selection
信息安全分析师

How to map an operator intent to one of the attacks discovered on the attacker host. Use this before calling execute_attack.

2026-05-14
mqtt-bruteforce
信息安全分析师

Rule-generation refinement playbook for MQTT Brute Force — credential brute force against MQTT brokers on TCP port 1883 using dictionary attacks. Load when the operator intent maps to attack_id mqtt-bruteforce.

2026-05-14
mqtt-lwt-abuse
信息安全分析师

Rule-generation refinement playbook for MQTT LWT Abuse — abuse of MQTT Last Will and Testament to publish malicious payloads under the broker's trusted identity. Load when the operator intent maps to attack_id mqtt-lwt-abuse.

2026-05-14
mqtt-publisher-flood
信息安全分析师

Rule-generation refinement playbook for MQTT Publisher Flood — PUBLISH flood saturating broker memory, bandwidth, and subscriber processing pipelines. Load when the operator intent maps to attack_id mqtt-publisher-flood.

2026-05-14
mqtt-qos-amplification
信息安全分析师

Rule-generation refinement playbook for MQTT QoS Amplification — memory amplification by leaving QoS 2 handshakes incomplete (PUBLISH/PUBREC, no PUBREL). Load when the operator intent maps to attack_id mqtt-qos-amplification.

2026-05-14
xrce-dds-entity-flood
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS Entity Flood — exhaustion of the XRCE-DDS Agent object tables by creating thousands of Participant/Topic/Publisher/DataWriter entities. Load when the operator intent maps to attack_id xrce-dds-entity-flood.

2026-05-14
xrce-dds-fragment-abuse
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS Fragment Abuse — abuse of RTPS DATA_FRAG reassembly with incomplete, overlapping or flood fragments. Load when the operator intent maps to attack_id xrce-dds-fragment-abuse.

2026-05-14
xrce-dds-malformed-inject
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS Malformed Inject — injection of malformed XCDR payloads into an established session targeting the Micro CDR deserializer. Load when the operator intent maps to attack_id xrce-dds-malformed-inject.

2026-05-14
xrce-dds-session-hijack
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS Session Hijack — brute force of hardcoded XRCE client_key values to hijack legitimate sessions. Load when the operator intent maps to attack_id xrce-dds-session-hijack.

2026-05-14
xrce-dds-time-desync
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS Time Desync — desynchronization of the client/agent clock via manipulated time_offset, corrupting sensor timestamps. Load when the operator intent maps to attack_id xrce-dds-time-desync.

2026-05-14
xrce-dds-udp-dos
信息安全分析师

Rule-generation refinement playbook for XRCE-DDS UDP DoS — UDP flood targeting the XRCE-DDS Agent on port 8888 using uxr_ping_agent_attempts(). Load when the operator intent maps to attack_id xrce-dds-udp-dos.

2026-05-14
alert-interpretation
信息安全分析师

How to check the IDS alert log after an attack and decide whether the rule converged or needs refinement.

2026-05-14
iteration-recording
数据科学家

How and when to persist a rule attempt to the experiment record (metrics.csv and experiment.json).

2026-05-14
rule-deployment
信息安全分析师

How to assign a SID and deploy a validated Snort rule to the live IDS via the assign_sid and deploy_rule tools.

2026-05-14
rule-validation-workflow
信息安全分析师

How to validate a candidate Snort rule against the live IDS before deployment, interpret the result, and recover from syntax errors.

2026-05-14
attack-destinations
信息安全分析师

Hard rule about fixed attack destinations (IP and port). Read this before generating rules or planning attacks.

2026-05-14
experiment-cycle
数据科学家

The shared protocol for one variant cycle in a Rules Farmer experiment. Read this before starting any cycle.

2026-05-14
llm_rules_tk GitHub Agent Skills | SkillsMP