Compétences ethical-hacking-methodology
🛡️

ethical-hacking-methodology

Risque moyen ⚙️ Commandes externes🌐 Accès réseau📁 Accès au système de fichiers

Learn Ethical Hacking and Penetration Testing

Security professionals need a structured methodology for authorized penetration testing. This skill provides the complete pentesting lifecycle from reconnaissance to reporting, covering essential tools and techniques used by certified ethical hackers.

Prend en charge: Claude Codex Code(CC)
⚠️ 64 Médiocre
1

Télécharger le ZIP du skill

2

Importer dans Claude

Allez dans Paramètres → Capacités → Skills → Importer un skill

3

Activez et commencez à utiliser

Tester

Utilisation de "ethical-hacking-methodology". Explain the phases of ethical hacking

Résultat attendu:

The five phases of ethical hacking are:

1. **Reconnaissance** - Gathering information about the target through passive and active methods
2. **Scanning** - Port scanning, network mapping, and vulnerability identification
3. **Gaining Access** - Exploiting discovered vulnerabilities to gain initial access
4. **Maintaining Access** - Establishing persistent access through backdoors
5. **Covering Tracks** - Clearing evidence of the penetration test
6. **Reporting** - Documenting findings professionally

Utilisation de "ethical-hacking-methodology". What tools are used for network reconnaissance?

Résultat attendu:

Key network reconnaissance tools include:

- **Nmap**: Port scanning and network mapping
- **Nikto**: Web vulnerability scanning
- **Gobuster**: Directory and subdomain enumeration
- **theHarvester**: Email and subdomain harvesting
- **WHOIS**: Domain registration information
- **DNS enumeration tools**: dig, nslookup, dnsrecon

Audit de sécurité

Risque moyen
v1 • 2/24/2026

This skill teaches authorized penetration testing methodology. Static findings flag standard security tools (nmap, Metasploit, nikto) and techniques that are used by professional security testers worldwide. The skill explicitly requires written authorization, defines clear scope boundaries, and includes ethical guidelines. Risk is mitigated by the authorization requirements and educational context.

1
Fichiers analysés
472
Lignes analysées
6
résultats
1
Total des audits

Problèmes à risque élevé (1)

SKILL.md:129SKILL.md:228-248SKILL.md:424-437
Standard Penetration Testing Tools Referenced
The skill references common pentesting tools including nmap, Nikto, Gobuster, Hydra, SQLMap, and Metasploit. These are industry-standard tools used by certified security professionals in authorized engagements.
Problèmes à risque moyen (2)
SKILL.md:270-272SKILL.md:303-305SKILL.md:283-284
Educational Attack Technique Examples
The skill includes educational examples of command injection, privilege escalation checks, and persistence techniques. These are documented as part of authorized pentesting methodology.
SKILL.md:357-363
Malware Type Definitions
The skill defines various malware types including ransomware, trojans, worms, and viruses in an educational context.

Facteurs de risque

⚙️ Commandes externes (32)
SKILL.md:72-87 SKILL.md:87-90 SKILL.md:90-106 SKILL.md:106-127 SKILL.md:127-136 SKILL.md:136-139 SKILL.md:139-157 SKILL.md:157-160 SKILL.md:160-168 SKILL.md:168-189 SKILL.md:189-198 SKILL.md:198-213 SKILL.md:213-222 SKILL.md:222-229 SKILL.md:229-248 SKILL.md:248-251 SKILL.md:251-258 SKILL.md:258-261 SKILL.md:261-272 SKILL.md:272-279 SKILL.md:279-288 SKILL.md:288-291 SKILL.md:291-305 SKILL.md:305-386 SKILL.md:386-399 SKILL.md:399-433 SKILL.md:433-434 SKILL.md:434-435 SKILL.md:435-436 SKILL.md:436-437 SKILL.md:303 SKILL.md:304
🌐 Accès réseau (10)
SKILL.md:191 SKILL.md:215 SKILL.md:263 SKILL.md:264 SKILL.md:129 SKILL.md:135 SKILL.md:254 SKILL.md:253 SKILL.md:436 SKILL.md:176
📁 Accès au système de fichiers (8)
SKILL.md:284 SKILL.md:284 SKILL.md:301 SKILL.md:388 SKILL.md:391 SKILL.md:396 SKILL.md:287 SKILL.md:167
Audité par: claude

Score de qualité

38
Architecture
100
Maintenabilité
87
Contenu
50
Communauté
45
Sécurité
91
Conformité aux spécifications

Ce que vous pouvez construire

Security Professional Learning Penetration Testing

New security professionals learning the structured methodology for authorized penetration testing engagements

Preparing for Security Certifications

Candidates preparing for CEH, OSCP, or other security certifications needing hands-on methodology reference

Structured Security Assessment Workflow

Security consultants following a documented methodology for client penetration testing engagements

Essayez ces prompts

Introduction to Ethical Hacking 
Explain the five phases of ethical hacking methodology and what happens in each phase of a penetration test.
Reconnaissance Techniques 
What are the passive reconnaissance techniques I should use before scanning a target system? Include examples of OSINT gathering.
Scanning and Enumeration 
Show me how to use nmap for port scanning and service enumeration. Include commands for TCP SYN, UDP, and service version detection.
Exploitation and Reporting 
Walk me through the exploitation phase including how to use Metasploit, and explain the structure of a professional penetration testing report.

Bonnes pratiques

  • Always obtain written authorization before testing any system
  • Document every action taken during the penetration test
  • Follow the rules of engagement and stay within defined scope

Éviter

  • Testing systems without explicit written permission
  • Exceeding the defined scope of testing
  • Using discovered vulnerabilities for personal gain or unauthorized access

Foire aux questions

Do I need permission to use this skill?
Yes. This skill is designed for authorized penetration testing only. You must have written permission from the system owner before testing any target.
What tools does this skill cover?
The skill covers industry-standard tools including nmap, Nikto, Gobuster, Hydra, SQLMap, and Metasploit Framework.
Is this skill suitable for beginners?
This skill requires basic networking knowledge and Linux command-line proficiency. It is designed for those preparing for security certifications or starting a career in penetration testing.
What are the phases of ethical hacking?
The main phases are reconnaissance, scanning, vulnerability analysis, exploitation, maintaining access, and reporting.
Can this skill be used for malicious purposes?
No. The skill explicitly requires authorization and includes ethical guidelines. Unauthorized access is illegal and strictly prohibited.
What certification paths use this methodology?
This methodology aligns with certifications like CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), and CompTIA PenTest+.

Détails du développeur

Auteur

sickn33

Licence

MIT

Dépôt

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/ethical-hacking-methodology

Réf

main

Structure de fichiers

📄 SKILL.md