Skip to main content
在 Manus 中运行任何 Skill
一键导入
OmarElsahragty
GitHub 创作者资料

OmarElsahragty

按仓库查看 1 个 GitHub 仓库中的 13 个已收集 skills。

已收集 skills
13
仓库
1
更新
2026-04-09
仓库分布

Skills 分布在哪些仓库

按已收集 skill 数展示主要仓库,并显示它们在该创作者目录中的占比和职业覆盖。

仓库浏览

仓库与代表性 skills

pentest-active-directory
信息安全分析师

Active Directory penetration testing — BloodHound enumeration, Kerberoasting, AS-REP Roasting, lateral movement, DCSync, Pass-the-Hash, domain privilege escalation. Use when target network has Windows domain controllers.

2026-04-09
pentest-cloud
信息安全分析师

Cloud security testing — AWS/Azure/GCP asset discovery, S3 public bucket enumeration, SSRF-to-metadata credential theft, IAM abuse, Kubernetes/container escape, secret scanning in repos, and automated misconfiguration auditing for authorized engagements.

2026-04-09
pentest-cve-scanner
信息安全分析师

Automated CVE and misconfiguration scanning using Nuclei — Project Discovery's template-based vulnerability scanner. Covers 10,000+ CVEs, misconfigurations, exposed panels, default credentials, and more. Combine with nmap for full coverage.

2026-04-09
pentest-email
信息安全分析师

Email security testing — SMTP relay, open relay detection, user enumeration via VRFY/RCPT/EXPN, SPF/DKIM/DMARC auditing, email spoofing tests, IMAP/POP3 brute force, phishing simulation setup, and mail server misconfiguration for authorized engagements.

2026-04-09
pentest-exploit
信息安全分析师

Exploitation tool reference covering Metasploit Framework (msfconsole, msfvenom), searchsploit (ExploitDB), and on-demand tools (crackmapexec/netexec, impacket, evil-winrm, responder, BeEF, SET). Use during the exploitation phase of a penetration test after vulnerabilities have been identified.

2026-04-09
pentest-network
信息安全分析师

Network analysis, traffic capture, and MITM tool reference. Covers tshark/tcpdump (packet capture), hping3 (packet crafting), netcat/socat (connections), and on-demand tools (bettercap, ettercap, responder). Use for network traffic analysis, protocol inspection, and man-in-the-middle testing.

2026-04-09
pentest-osint
信息安全分析师

Passive OSINT (Open-Source Intelligence) gathering — domain enumeration, subdomain discovery, email harvesting, DNS analysis, WHOIS, Shodan queries, infrastructure mapping. Used at the START of every engagement.

2026-04-09
pentest-passwords
信息安全分析师

Password attack tool reference covering hydra (network brute-forcing), john the ripper (hash cracking), hashcat (GPU-accelerated cracking), and supporting tools (cewl, crunch, hash-identifier). Use during authentication testing and credential attacks in a penetration test.

2026-04-09
当前展示该仓库 Top 8 / 13 个已收集 skills。
已展示 1 / 1 个仓库
已展示全部仓库