Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

IOTAgent

IOTAgent 收录了来自 tangjunyi23 的 15 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
15
Stars
2
更新
2026-02-25
Forks
1
职业覆盖
1 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

auth-bypass
信息安全分析师

Authentication bypass vulnerability hunting in IoT firmware. Use when analyzing login mechanisms, session management, access control, or authentication logic in web interfaces, APIs, or network services of embedded devices. Triggers on auth bypass, login bypass, session hijacking, or access control analysis tasks.

2026-02-25
bootloader-security
信息安全分析师

U-Boot and embedded bootloader security analysis — environment variable attacks, secure boot bypass, boot sequence exploitation, and firmware integrity verification

2026-02-25
buffer-overflow
信息安全分析师

Buffer overflow vulnerability hunting in IoT embedded binaries. Use when reverse-engineering ARM/MIPS/x86 binaries for stack-based or heap-based overflow vulnerabilities, analyzing unsafe memory operations (strcpy, sprintf, gets, memcpy), checking binary protections (NX, ASLR, canary), or building overflow PoCs for embedded targets.

2026-02-25
command-injection
信息安全分析师

Command injection vulnerability hunting in IoT firmware. Use when analyzing CGI binaries, web server handlers, SOAP/UPnP interfaces, or any user-input-to-system-call path in embedded devices. Triggers on searching for OS command injection (CWE-78), argument injection (CWE-88), or code injection in firmware binaries and scripts.

2026-02-25
crypto-weakness
信息安全分析师

Cryptographic weakness and insecure crypto implementation hunting in IoT firmware. Use when analyzing encryption implementations, TLS/SSL configurations, key management, random number generation, or any cryptographic operations in embedded device firmware. Triggers on crypto analysis, weak encryption, insecure TLS, or key management tasks.

2026-02-25
firmware-decryption
信息安全分析师

Firmware decryption, deobfuscation, and unpacking for encrypted IoT firmware images. Use when firmware entropy analysis reveals encrypted/obfuscated content, when binwalk extraction fails due to encryption, when decrypting vendor-specific firmware encryption (D-Link, Netgear, TP-Link, Hikvision, Dahua, ZTE), or when reversing custom XOR/AES/DES encryption applied to firmware update files.

2026-02-25
firmware-extraction
信息安全分析师

Firmware extraction and filesystem analysis for IoT devices. Use when analyzing firmware binaries, extracting filesystems with binwalk, identifying firmware format/structure, locating key files after extraction, or performing initial reconnaissance on router/camera/IoT firmware images. Triggers on tasks involving .bin/.img/.trx/.chk firmware files.

2026-02-25
format-string-exploitation
信息安全分析师

Format string vulnerability detection and exploitation in embedded firmware binaries, covering ARM, MIPS, and x86 architectures

2026-02-25
hardcoded-credentials
信息安全分析师

Hardcoded credential and backdoor hunting in IoT firmware. Use when searching for default passwords, API keys, private keys, certificates, debug accounts, hidden backdoor accounts, or embedded secrets in firmware filesystems and binaries. Triggers on credential hunting, password discovery, secret scanning, or backdoor detection tasks.

2026-02-25
hardware-debug-interfaces
信息安全分析师

Hardware debug interface exploitation for embedded devices — UART, JTAG, SWD identification, connection, and security bypass through physical debug ports

2026-02-25
iot-network-analysis
信息安全分析师

IoT network service and protocol vulnerability analysis. Use when analyzing network-facing services (UPnP, MQTT, CoAP, Telnet, RTSP), scanning device ports, testing network service implementations, or analyzing protocol-level vulnerabilities in IoT devices.

2026-02-25
privilege-escalation
信息安全分析师

Embedded device privilege escalation techniques — from limited shell to root, service exploitation, filesystem abuse, kernel vulnerabilities, and misconfigurations in IoT Linux environments

2026-02-25
reverse-engineering
信息安全分析师

Binary reverse engineering and code analysis for IoT firmware using Ghidra and Joern. Use when performing binary analysis with Ghidra headless mode (decompiling, cross-references, imports, dangerous calls), CPG-based vulnerability hunting with Joern (taint analysis, data flow tracking, pattern matching), or any reverse engineering task on ARM/MIPS/x86 embedded binaries. Triggers on tasks requiring decompilation, interprocedural analysis, or static vulnerability scanning of firmware binaries.

2026-02-25
rtos-analysis
信息安全分析师

Real-Time Operating System vulnerability analysis for embedded devices running FreeRTOS, VxWorks, ThreadX, eCos, and other RTOS platforms

2026-02-25
supply-chain-analysis
信息安全分析师

Third-party component and supply chain vulnerability analysis for embedded firmware — outdated libraries, known CVEs, open-source component detection, and dependency risk assessment

2026-02-25