一键导入
wifi-pentest
Wireless network assessment via monitor mode, handshake capture, and de-authentication testing. Use to assess WiFi security posture and crack WPA/WPA2.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Wireless network assessment via monitor mode, handshake capture, and de-authentication testing. Use to assess WiFi security posture and crack WPA/WPA2.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Cloud infrastructure, container image, and Kubernetes security assessment via IAM review, secrets detection, and RBAC analysis.
Exploit lookup, payload generation, and delivery for confirmed vulnerabilities. Use only after validation has established concrete attack path.
Curated MCP prompts for multi-step attack chains and engagement playbooks. Use for guided workflows spanning multiple skills. Each prompt step now carries expected_time, priority, fallback, and result_context for agent-guided execution.
SMB service enumeration, share discovery, and RPC interrogation on Windows networks. Use to map Windows hosts before credential testing or lateral movement.
Network reconnaissance via host discovery, port scanning, and service fingerprinting. Use during early reconnaissance phase to map attack surface and identify services.
Active Directory reconnaissance, privilege escalation path analysis, and Kerberos attack surface mapping. Use for domain exploitation and lateral movement.
| name | wifi-pentest |
| description | Wireless network assessment via monitor mode, handshake capture, and de-authentication testing. Use to assess WiFi security posture and crack WPA/WPA2. |
Use this skill for wireless network assessment:
Passive-first minimizes detection; active only when authorized:
airmon_ng to enable monitor mode, verify RF compatibility [critical, ~10s]airodump_ng passive scan to locate APs and clients [critical, ~30-120s]hashcat (GPU preferred) or john on captured WPA2/WPA3 hash [critical, ~1-30 min]Decision fields (aligned with wifi_attack_chain prompt):
airodump_ng, check for "WPA handshake: {bssid}" in output. If present, skip de-auth (STEP 3) and go directly to cracking (STEP 4).aireplay_ng, check "Sent XX packets" — if 0, no associated clients.Entry point:
airmon_ng(interface="wlan0", action="start")
aireplay_ng de-auth (mode 0, 1, 9) and mdk4 require explicit approval due to service disruptionpassword-cracking for credential validityairodump_ng output shows "WPA handshake: XX:XX:XX:XX:XX:XX" when a 4-way handshake is captured. If present, cracking can proceed immediately.airodump_ng shows "0 stations", de-auth attacks will fail. Suggest channel hopping or retrying during peak hours.