陌讯skills聚合平台

pentest-recon-surface-analysis

📁 crtvrffnrt/skills 📅 9 days ago
9
总安装量
9
周安装量
#31926
全站排名
安装命令
npx skills add https://github.com/crtvrffnrt/skills --skill pentest-recon-surface-analysis

Agent 安装分布

gemini-cli 9
amp 7
github-copilot 7
codex 7
kimi-cli 7
opencode 7

Skill 文档

Recon & Surface Analysis

Activation Triggers (Positive)

  • recon
  • enumerate
  • surface map
  • asset inventory
  • endpoint discovery
  • technology fingerprinting
  • control plane mapping

Exclusion Triggers (Negative)

  • build exploit
  • weaponize payload
  • write final report
  • only validate known vulnerability

Output Schema

  • Surface inventory: asset, interface, auth state, confidence
  • Entry-point matrix: input, trust boundary, initial risk hypothesis
  • Prioritized next tests: ordered by likely impact and test cost

Instructions

  1. Build an explicit target model first: interfaces, trust boundaries, and identity contexts.
  2. Enumerate only what is necessary to expose actionable attack paths.
  3. Normalize findings into a deduplicated inventory before deeper testing.
  4. Label each surface with attacker preconditions and probable abuse class.
  5. Mark unknowns that block progression and propose the minimum test to resolve each.
  6. Hand off precise, testable targets to downstream skills.

Should Do

  • Keep reconnaissance hypothesis-driven, not tool-driven.
  • Capture reproducible evidence for each discovered surface.
  • Prioritize externally reachable and privilege-sensitive paths.

Should Not Do

  • Do not claim vulnerabilities at recon stage without abuse validation.
  • Do not perform heavy fuzzing or exploit attempts here.
  • Do not include organization-specific URLs, identifiers, or credentials in reusable guidance.
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。