mode-pentest

1. Scope Define targets, rules of engagement Document

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "mode-pentest" with this command: npx skills add duck4nh/antigravity-kit/duck4nh-antigravity-kit-mode-pentest

Pentest Mode

Phases

Phase Actions Tools

Scope Define targets, rules of engagement Document
Recon Passive/Active info gathering whois, dig, theHarvester
Scan Port scan, service enum, vuln scan nmap, gobuster, nikto
Exploit Attempt exploitation sqlmap, metasploit, manual
Post Privesc, lateral movement, persistence linpeas, mimikatz
Report Document findings, recommendations Markdown/PDF

Quick Commands

Recon

whois domain.com && dig domain.com ANY nmap -sC -sV -oA scan TARGET

Web enum

gobuster dir -u http://TARGET -w /usr/share/wordlists/dirb/common.txt nikto -h http://TARGET

Output Format

Finding: [Vulnerability Name]

Severity: Critical/High/Medium/Low Location: [URL/IP:Port] CVSS: X.X

Description

[What is the vulnerability]

PoC

[Steps to reproduce]

Impact

[What attacker can do]

Remediation

[How to fix]

Load Domain Skills

Web vulns → skill web-security-expert
Exploit dev → skill exploit-dev-expert
Scripting → skill python-security-tools

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHub Open in ClawHub

Related Skills

Related by shared tags or category signals.

General

linux-server-expert

No summary provided by upstream source.

Repository SourceNeeds Review

General

pentest-expert

No summary provided by upstream source.

Repository SourceNeeds Review

Coding

exploit-dev-expert

No summary provided by upstream source.

Repository SourceNeeds Review

General

webpack-expert

No summary provided by upstream source.

Repository SourceNeeds Review