wgpsec

Azure 云环境渗透测试总体方法论。当目标使用 Azure/Microsoft 365/Entra ID、发现 Azure 相关资产（Blob Storage/App Service/Azure VM/Azure Functions）、获取 Azure 凭据（Service Principal/Managed Identity/Access Token）、或需要对 Azure 环境进行安全评估时使用。提供从未授权枚举到 Entra ID 攻击、服务提权、Cloud-to-OnPrem 横向移动的全流程决策树。覆盖 35+ Azure 服务攻击面

GCP 云环境攻击方法论。当目标使用 Google Cloud Platform、发现 GCP Service Account/Metadata/Storage Bucket 时使用。覆盖 Metadata 服务利用、Service Account 密钥窃取、IAM 提权、GKE 逃逸、Storage Bucket 枚举

GCP 云环境渗透测试总体方法论。当目标使用 Google Cloud Platform、发现 GCP 相关资产（GCS Bucket/Compute Engine/Cloud Functions/GKE）、获取 GCP 凭据（Service Account Key/OAuth Token/Metadata Token）、或需要对 GCP 环境进行安全评估时使用。提供从未授权枚举到提权、后渗透、GCP-to-Workspace 穿越的全流程决策树。覆盖 37+ GCP 服务攻击面

Serverless/云函数安全测试与攻击。当目标涉及 AWS Lambda、腾讯云 SCF、阿里云 FC、Azure Functions 等 Serverless 服务时使用。当发现 API Gateway 后端是 Lambda/SCF 触发、通过 cloud-aksk-exploit 获取到函数操作权限、或需要分析云函数代码中的漏洞时使用。覆盖事件注入（HTTP/OSS/消息队列触发器参数篡改）、环境变量泄露（硬编码凭据提取）、函数代码注入/覆盖（UpdateFunctionCode）、Runtime 利用（/tmp 写入/Layer 劫持/依赖投毒）、临时凭据滥用。发现任何 Lambda/SCF/云函数、API Gateway、或 Serverless 架构时都应使用此 skill

腾讯云渗透测试方法论。当目标使用腾讯云服务、发现 cos.*.myqcloud.com 资产、获取腾讯云 SecretId/SecretKey、在 CVM 实例内可访问 metadata.tencentyun.com 元数据、或需要对腾讯云 CAM/CVM/COS/TencentDB/TKE/SCF 等服务进行安全评估时使用。覆盖 CAM 提权、CVM 接管、COS 对象存储利用、TencentDB 数据库攻击、TKE 容器集群、SCF 云函数、CLB 负载均衡、CLS 日志服务、KMS 密钥管理

Java 源码注入类漏洞审计。当在 Java 白盒审计中需要检测注入类漏洞时触发。 覆盖 6 种注入: SQL 注入(JDBC/MyBatis/Hibernate/JPA)、命令注入(Runtime.exec/ProcessBuilder)、 SSRF(HttpURLConnection/OkHttp/RestTemplate)、LDAP 注入、SpEL/OGNL 表达式注入、NoSQL 注入(MongoDB)。 需要 java-audit-pipeline 提供的数据流证据(EVID_*)作为审计输入。

FTP 服务（21 端口）渗透测试方法论。涵盖 FTP 服务发现与版本识别、匿名登录测试、目录遍历与文件下载、凭据爆破、已知漏洞利用（vsftpd 后门、ProFTPD 等）、FTP Bounce 攻击。 当 Agent 扫描发现 21 端口开放、需要测试 FTP 匿名访问、枚举 FTP 文件内容、或利用 FTP 服务漏洞时，触发此 Skill。

SMTP 服务（25/465/587 端口）渗透测试方法论。涵盖 SMTP 服务发现与版本识别、用户名枚举（VRFY/EXPN/RCPT TO）、开放中继测试、邮件伪造（SPF/DKIM/DMARC 绕过）、凭据爆破、SMTP 命令注入、已知漏洞利用。 当 Agent 扫描发现 25/465/587 端口开放、需要枚举邮件用户、测试邮件伪造可能性、或利用 SMTP 服务漏洞时，触发此 Skill。

Guide for using f8x, the red/blue team environment automation deployment tool. Use this skill whenever the user asks about installing security tools on a VPS, deploying pentest/red-team/blue-team environments, using f8x commands or flags, querying available tools via catalog, or automating tool installation through MCP/AI Agent integration with RedC. Also trigger when user mentions tool names like nuclei, httpx, nmap, subfinder, sqlmap, metasploit, CobaltStrike, Sliver, or any security tooling deployment on Linux servers.

AWS security hardening guide for red team infrastructure. Use this skill whenever the user is deploying to AWS, configuring IAM policies, setting up VPCs or security groups, asking about SSH access, encryption, key rotation, or any AWS security question. Also apply when the user mentions EC2 instances, EBS volumes, S3 buckets, or AWS networking — even if they don't explicitly ask about "security", because every AWS deployment should follow these hardening practices by default.

Strategies for minimizing cloud infrastructure costs in red team deployments. Use this skill whenever the user asks about pricing, budgets, cost estimates, instance sizing, spot instances, or resource cleanup. Also apply when the user is choosing instance types, discussing how long to keep infrastructure running, asking about billing alerts, or planning a deployment where cost is a concern — even if they don't explicitly mention "cost" or "budget". Proactively reference this skill when generating templates to suggest cost-saving alternatives.

Guide for deploying infrastructure across multiple cloud providers (AWS, Azure, GCP, Alibaba Cloud, Tencent Cloud, Huawei Cloud, Volcengine). Use this skill whenever the user mentions deploying to more than one cloud, comparing cloud providers, selecting regions, configuring provider credentials, or asking about cross-cloud compatibility. Also use when the user asks about a specific Chinese cloud provider (Alibaba, Tencent, Huawei, Volcengine) since these have unique authentication patterns that differ from Western clouds.

Terraform IaC best practices for cloud infrastructure deployments. Use this skill whenever the user is writing Terraform code, creating templates, generating .tf files, asking about state management, modules, variables, security groups, or any infrastructure-as-code question. Also use when reviewing or debugging Terraform configurations, discussing provider setup, or planning multi-resource deployments — even if the user doesn't explicitly mention "Terraform" but is clearly working with .tf files or HCL syntax.

Diagnose and fix Terraform deployment errors in RedC scenarios. Use this skill whenever the user encounters an error during deployment — whether it's a Terraform init failure, authentication error, resource creation failure, network timeout, state conflict, or cloud-init problem. Also use when the user pastes an error message, says "deployment failed", asks why something isn't working, or reports that instances are unreachable after creation. This skill covers the most common failure modes across all cloud providers supported by RedC.

Create, maintain, and validate redc Terraform templates for multi-cloud deployment scenarios. Use this skill whenever someone wants to add a new cloud template (ECS, EC2, VM, etc.), create a userdata script, write a compose template, update an existing template's version or configuration, fix CI validation failures, or add support for a new cloud provider. Also use when reviewing template PRs, checking case.json compliance, or standardizing output naming conventions across templates.

Look up official Terraform provider documentation before writing or debugging any Terraform resource, data source, or provider configuration. Use this skill whenever you encounter a Terraform error, need to write a new resource block, are unsure about argument syntax or valid values, need to check resource attribute constraints, or want to understand provider-specific behaviors. Consult the docs first instead of guessing Terraform arguments from memory — it consistently saves multiple debug cycles.

Red team infrastructure multi-cloud automated deployment tool. Deploy, manage, and monitor cloud instances across Alibaba Cloud, AWS, Tencent Cloud, Volcengine, Huawei Cloud, and more via MCP. Credentials are read from environment variables — only configure the single provider you intend to use. Always inspect templates before applying.

Multi-cloud red team infrastructure automation. Deploy and manage cloud resources across AWS, Aliyun, Tencent Cloud with Terraform. Includes commands for init, deploy, manage, execute, and cleanup of infrastructure cases.

审计 AboutSecurity skills 中引用的渗透工具与 f8x 安装器、arsenal 投递物仓库、tchkiller --check 之间的同步状态。当新增或修改了 skill、往 f8x 加了新工具、或者想检查工具覆盖完整性时使用此 skill。涉及关键词：工具审计、f8x 覆盖、arsenal 同步、--check 检查、工具链维护。

Write and fix vulnerability knowledge base (vulndb) entries for the tchkiller penetration testing agent. Use this skill whenever the user wants to create, import, fix, or audit vulndb markdown entries. This includes: writing new vulnerability entries from CVE/CNVD data or security advisories, converting vulnerability analysis articles or blog posts into vulndb entries, migrating from vulhub or other vulnerability repositories, fixing quality issues in existing entries (docker references, missing sections, bad verification), or batch-processing a fix_plan.json / migration_plan.json. Always use this skill when the task involves files under vulndb/, mentions "漏洞知识库", or when the user shares a vulnerability writeup, PoC, security advisory, blog post, or CVE details and wants it added to the knowledge base. Also trigger when the user says things like "把这个漏洞加进去", "帮我写个漏洞条目", "这个CVE加到知识库", or pastes vulnerability-related content.

Skill with references

SQL Injection attack and defense techniques