exploitation▌
12 indexed skills · max 10 per page
exploiting-vulnerabilities-with-metasploit-framework
mukul975/Anthropic-Cybersecurity-Skills · exploiting-vulnerabilities-with-metasploit-framework
The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7. It contains over 2,300 exploits, 1,200 auxiliary modules, and 400 post-exploitation modules
performing-kerberoasting-attack
mukul975/Anthropic-Cybersecurity-Skills · performing-kerberoasting-attack
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
conducting-spearphishing-simulation-campaign
mukul975/Anthropic-Cybersecurity-Skills · conducting-spearphishing-simulation-campaign
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf
conducting-pass-the-ticket-attack
mukul975/Anthropic-Cybersecurity-Skills · conducting-pass-the-ticket-attack
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro
performing-open-source-intelligence-gathering
mukul975/Anthropic-Cybersecurity-Skills · performing-open-source-intelligence-gathering
Open Source Intelligence (OSINT) gathering is the first active phase of a red team engagement, where operators collect publicly available information about the target organization to identify attack s
exploiting-ms17-010-eternalblue-vulnerability
mukul975/Anthropic-Cybersecurity-Skills · exploiting-ms17-010-eternalblue-vulnerability
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code execution. Originally discovered by the NSA and leaked by the Shadow Brokers in 2017, it
performing-ssrf-vulnerability-exploitation
mukul975/Anthropic-Cybersecurity-Skills · performing-ssrf-vulnerability-exploitation
Test for Server-Side Request Forgery vulnerabilities by probing cloud metadata endpoints, internal network services, and protocol handlers through user-controllable URL parameters. Tests AWS/GCP/Azure metadata APIs (169.254.169.254), internal port scanning via HTTP, URL scheme bypass techniques, and DNS rebinding detection.
performing-external-network-penetration-test
mukul975/Anthropic-Cybersecurity-Skills · performing-external-network-penetration-test
Conduct a comprehensive external network penetration test to identify vulnerabilities in internet-facing infrastructure using PTES methodology, reconnaissance, scanning, exploitation, and reporting.
exploiting-active-directory-with-bloodhound
mukul975/Anthropic-Cybersecurity-Skills · exploiting-active-directory-with-bloodhound
BloodHound is a graph-based Active Directory reconnaissance tool that uses graph theory to reveal hidden and unintended relationships within AD environments. Red teams use BloodHound to identify attac
exploiting-smb-vulnerabilities-with-metasploit
mukul975/Anthropic-Cybersecurity-Skills · exploiting-smb-vulnerabilities-with-metasploit
Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration tests to demonstrate risks from unpatched Windows systems, misconfigured shares, and weak authentication in enterprise networks.