المهارات Red Team Tools and Methodology
🎯

Red Team Tools and Methodology

مخاطر منخفضة ⚙️ الأوامر الخارجية🌐 الوصول إلى الشبكة

Run Professional Bug Bounty Reconnaissance

Security researchers need structured methodology to discover vulnerabilities efficiently. This skill provides proven workflows from top bug bounty hunters for subdomain enumeration, live host discovery, and vulnerability scanning.

يدعم: Claude Codex Code(CC)
⚠️ 68 ضعيف
1

تنزيل ZIP المهارة

2

رفع في Claude

اذهب إلى Settings → Capabilities → Skills → Upload skill

3

فعّل وابدأ الاستخدام

اختبرها

استخدام "Red Team Tools and Methodology". Show me subdomain enumeration commands for example.com

النتيجة المتوقعة:

Here are the recommended subdomain enumeration commands:

1. Passive enumeration:
amass enum -passive -d example.com -src
subfinder -d example.com
assetfinder --subs-only example.com

2. Active enumeration:
amass enum -active -d example.com

3. Combine results:
cat *.txt | sort -u > all_subs.txt

استخدام "Red Team Tools and Methodology". How do I set up automated reconnaissance?

النتيجة المتوقعة:

Here is a basic automated recon script structure:

1. Subdomain enumeration: subfinder -d $domain
2. Live host check: cat subs.txt | httpx
3. URL collection: cat live.txt | waybackurls
4. Vulnerability scan: nuclei -l live.txt

Each step feeds into the next for an automated pipeline.

التدقيق الأمني

مخاطر منخفضة
v1 • 2/24/2026

This skill provides documentation for legitimate security testing tools and methodologies used in authorized bug bounty programs. The detected 'external_commands' are standard reconnaissance tools (amass, subfinder, httpx, nuclei) documented for educational purposes. The 'network' findings are example URLs and public reconnaissance services. No malicious code, exploits, or unauthorized access methods are present. The skill appropriately includes constraints for authorized testing within scope.

1
الملفات التي تم فحصها
311
الأسطر التي تم تحليلها
5
النتائج
1
إجمالي عمليات التدقيق
مشكلات متوسطة المخاطر (2)
SKILL.md:37-310
External Command Documentation
Skill documents usage of security testing tools (amass, subfinder, httpx, nuclei). These are standard legitimate tools used in authorized bug bounty programs. No command injection vulnerability exists - these are documentation examples for running security tools.
SKILL.md:49SKILL.md:189-197
Network Reconnaissance URLs
Contains example URLs and public reconnaissance services (BGP.he.net). These are standard resources used in authorized security testing.
مشكلات منخفضة المخاطر (1)
SKILL.md:33-311
Reconnaissance Methodology Documentation
Skill documents reconnaissance techniques including subdomain enumeration and network scanning. This is standard bug bounty methodology and requires authorization via bug bounty program scope.

عوامل الخطر

⚙️ الأوامر الخارجية (28)
SKILL.md:37-50 SKILL.md:50-56 SKILL.md:56-80 SKILL.md:80-86 SKILL.md:86-95 SKILL.md:95-101 SKILL.md:101-110 SKILL.md:110-116 SKILL.md:116-131 SKILL.md:131-154 SKILL.md:154-168 SKILL.md:168-172 SKILL.md:172-181 SKILL.md:181-187 SKILL.md:187-199 SKILL.md:199-203 SKILL.md:204-231 SKILL.md:231-250 SKILL.md:250-259 SKILL.md:259-263 SKILL.md:263-270 SKILL.md:270-284 SKILL.md:284-286 SKILL.md:286-290 SKILL.md:290-292 SKILL.md:292-296 SKILL.md:296-299 SKILL.md:299-310
🌐 الوصول إلى الشبكة (6)
SKILL.md:49 SKILL.md:118 SKILL.md:189 SKILL.md:192 SKILL.md:193 SKILL.md:197
تم تدقيقه بواسطة: claude

درجة الجودة

38
الهندسة المعمارية
100
قابلية الصيانة
85
المحتوى
50
المجتمع
78
الأمان
74
الامتثال للمواصفات

ماذا يمكنك بناءه

Set Up Bug Bounty Recon Pipeline

Automate the initial reconnaissance phase when starting a new bug bounty program engagement.

Learn Professional Testing Workflows

Study documented methodologies from experienced security professionals to improve testing efficiency.

Reference Security Tool Commands

Quickly look up correct syntax and options for common security testing tools during engagements.

جرّب هذه الموجهات

Beginner Subdomain Discovery 
Show me how to enumerate subdomains for target.com using passive reconnaissance tools.
Live Host Identification 
What is the workflow for discovering live web hosts from a list of subdomains?
Automated Vulnerability Scanning 
Set up a comprehensive Nuclei scan workflow for discovered hosts.
XSS Hunting Pipeline 
Build an automated XSS testing pipeline using paramspider, Gxss, and dalfox.

أفضل الممارسات

  • Always verify you have authorization before testing any target
  • Respect bug bounty program rules and scope limitations
  • Use rate limiting to avoid blocking or DoS
  • Manually verify automated tool findings before reporting

تجنب

  • Testing systems outside of authorized scope
  • Running high-intensity fuzzing without permission
  • Skipping manual verification of automated scanner results
  • Ignoring program rules about rate limits and testing restrictions

الأسئلة المتكررة

Do I need special tools installed?
Yes, this skill documents commands for tools like Amass, Subfinder, httpx, Nuclei, and ffuf. You will need to install these tools on your system.
Can I use this skill for penetration testing?
Yes, the methodology applies to both bug bounty and penetration testing engagements. Always ensure you have authorization.
Does this skill run scans automatically?
No, this skill provides methodology and command references. You must execute the commands yourself with your own tools.
Are API keys required?
Some advanced features require API keys for services like Shodan, Censys, or paid data sources. The skill works without them but with limited functionality.
What is the target audience for this skill?
Bug bounty hunters, penetration testers, red team members, and security researchers who want structured testing methodologies.
Is this skill legal to use?
The methodology is legal when used for authorized security testing. Always obtain proper authorization through bug bounty programs or penetration testing contracts.

تفاصيل المطور

المؤلف

sickn33

الترخيص

MIT

المستودع

https://github.com/sickn33/antigravity-awesome-skills/tree/main/web-app/public/skills/red-team-tools

مرجع

main

بنية الملفات

📄 SKILL.md