pentest-commands

High risk ⚙️ External commands 🌐 Network access 📁 Filesystem access

Pentest Commands Reference

This skill provides a comprehensive command reference for penetration testing tools. It helps security professionals quickly look up nmap, Metasploit, nikto, SQLMap, Hydra, and other security testing commands during authorized assessments.

Supports: Claude Codex Code(CC)
⚠️ 57 Weak
1. Download the skill ZIP
2. Upload in Claude: go to Settings → Capabilities → Skills → Upload skill
3. Enable and start using

Test it

Using "pentest-commands". Show me nmap commands for scanning ports on 192.168.1.1

Expected result:

TCP SYN scan (stealth): nmap -sS 192.168.1.1
Full TCP connect scan: nmap -sT 192.168.1.1
UDP scan: nmap -sU 192.168.1.1
All ports: nmap -p- 192.168.1.1
Service versions: nmap -sV 192.168.1.1
OS detection: nmap -O 192.168.1.1
Comprehensive scan: nmap -A 192.168.1.1

Using "pentest-commands". What are the Metasploit commands to use the EternalBlue exploit?

Expected result:

msfconsole -x "use exploit/windows/smb/ms17_010_eternalblue; set RHOST 192.168.1.1; exploit"
Or interactive: msfconsole > search type:exploit name:ms17_010
> use exploit/windows/smb/ms17_010_eternalblue
> set RHOST 192.168.1.1
> exploit

Security Audit

High risk
v1 • 2/24/2026

This skill provides a comprehensive reference for penetration testing tools including Metasploit, nmap, nikto, SQLMap, Hydra, John the Ripper, and Aircrack-ng. The static analysis confirmed critical findings related to exploitation frameworks and password cracking tools. While this is a legitimate security testing reference for authorized use, it provides unconstrained access to dangerous tools without authorization verification. Risk Level: HIGH - Recommend restricted distribution or content modifications to add authorization safeguards.

Files scanned: 1
Lines analyzed: 444
Findings: 11
Total audits: 1

Critical issues (2)

Metasploit Framework Usage
The skill provides explicit Metasploit exploitation commands including EternalBlue, MS08-067, vsftpd backdoor, Shellshock, Drupalgeddon2, and PSExec. Also includes msfvenom payload generation for Windows, Linux, PHP, ASP, and Java reverse shells.
Dangerous Tool Combination: Code Execution + Network + Credential Access
The skill combines external command execution, network scanning, and credential cracking capabilities in a single reference. This heuristic finding indicates potential for unauthorized access if used without proper authorization.

High-risk issues (3)

Network Scanning Tools
The skill provides extensive nmap commands for host discovery, port scanning, service detection, OS detection, and NSE scripts including vulnerability scanning, SMB enumeration, HTTP enumeration, and brute force attacks.
Password Cracking Tools
The skill provides Hydra commands for brute forcing SSH, FTP, HTTP, SMB, RDP, MySQL, and John the Ripper for cracking password hashes and SSH key passphrases.
Wireless Cracking Tools
The skill provides Aircrack-ng commands for wireless network monitoring, packet capture, deauthentication attacks, and WPA handshake cracking.

Medium-risk issues (2)

External Command Execution
All pentest commands are executed via shell backticks throughout the skill documentation. This allows direct execution of security tools.
Web Vulnerability Scanning Tools
The skill provides nikto commands for web scanning and SQLMap for SQL injection testing, including WAF bypass techniques.

Low-risk issues (1)

Example IP Addresses
Hardcoded IP addresses (192.168.x.x range) used throughout as examples. These are private IP ranges suitable for documentation.

Risk factors

⚙️ External commands (37)
🌐 Network access (84)
📁 Filesystem access (2)

Detected patterns

  • Payload Generation (msfvenom)
  • Reverse Shell Handlers
  • SSH Key Passphrase Cracking

Audited by: claude

Quality score

38
Architecture
100
Maintainability
87
Content
50
Community
0
Security
100
Spec compliance

What you can build

Security Professional Quick Reference

Professional penetration testers use this skill as a quick command lookup during authorized security assessments. The comprehensive command reference saves time searching through documentation.

Security Training and Education

Students learning penetration testing use this skill to understand proper command syntax for various security testing tools in lab environments.

Red Team Operations

Red team members use this command reference during authorized red team engagements to quickly execute network scanning, exploitation, and post-exploitation commands.

Try these prompts

Basic Nmap Scan
Show me nmap commands for scanning a target network 192.168.1.0/24 to discover live hosts and open ports
Metasploit Exploit Search
Find Metasploit commands to search for and use the EternalBlue exploit against a Windows target
Password Cracking Setup
Show Hydra commands for brute forcing SSH login and John the Ripper commands for cracking password hashes
Web Application Testing
Provide nikto and SQLMap commands for testing a web application at http://192.168.1.100 for vulnerabilities

Best practices

  • Always verify you have written authorization before testing any target system
  • Use timing templates (-T4, -T5) carefully to avoid detection or system impact
  • Document all commands executed and findings for penetration test reports

Avoid

  • Never use these commands against systems without explicit authorization
  • Avoid running aggressive scans that could disrupt production systems
  • Do not share or publish results that could aid malicious actors

Frequently asked questions

What tools are included in this skill?
This skill includes command references for nmap (network scanning), Metasploit (exploitation), nikto (web scanning), SQLMap (SQL injection), Hydra (password brute forcing), John the Ripper (hash cracking), Aircrack-ng (wireless testing), and Wireshark/Tshark (packet analysis).
Do I need special permissions to use these commands?
Yes. You must have written authorization from the system owner before using any penetration testing tools. Unauthorized access is illegal and unethical.
What operating system do I need?
These commands require Kali Linux or another penetration testing distribution with the security tools pre-installed.
Can this skill execute the commands for me?
No. This skill provides command reference syntax only. You must execute the commands yourself using your installed security tools.
Are these commands safe to use in production environments?
Some commands like aggressive nmap scans and brute force attacks can impact system performance or cause account lockouts. Use with caution and only in authorized test environments.
What are the legal considerations?
Using penetration testing tools without authorization is illegal in most jurisdictions. Always obtain written scope and authorization before testing. Consult legal counsel for specific regulations in your area.

Developer details

Author: sickn33
License: MIT
Ref: main

File structure

📄 SKILL.md