
from xalgorix623
Offensive/blue-team skill for authorized pentests: enumerates FreeIPA/LDAP/Kerberos environments, finds HBAC/sudo misconfigurations, reuses CCACHE/keytabs and m
This skill provides a practical playbook for enumerating and assessing FreeIPA-based identity domains during authorized security engagements. It outlines fingerprinting steps, anonymous and authenticated LDAP queries, Kerberos ticket handling (CCACHE/keytab), HBAC and sudo-rule analysis, and construction of an IPAHound-style attack graph to surface delegation or takeover paths. The skill includes example commands and output formats for findings.
Use during sanctioned penetration tests, red-team assessments or incident response when hosts are FreeIPA-joined or key files (krb5.conf, krb5.keytab, CCACHE) are present. It is aimed at testers who need to quickly triage domain exposure, identify privilege escalation routes, and produce actionable remediation guidance for defenders.
Best used with agents that can follow technical runbooks and output structured vulnerability reports (security-focused LLM assistants, pentest automation agents).
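The HBAC and sudo-rule analysis and the attack-graph construction described above, as an added example that is not part of this skill or of FreeIPA's own tooling. It takes LDIF of the kind `ldapsearch` returns from the `cn=hbac` and `cn=sudo` containers, flags enabled rules whose user, host, service or command scope is `all` or that carry the `!authenticate` (NOPASSWD) option, and emits subject-to-host edges for an IPAHound-style graph. The attribute names (`ipaHBACRule`, `ipaSudoRule`, `userCategory`, `hostCategory`, `cmdCategory`, `ipaSudoOpt`, `ipaEnabledFlag`, `memberUser`, `memberHost`, `memberAllowCmd`) are the standard FreeIPA schema; the LDIF itself is constructed sample data, and the base DN `dc=example,dc=test`, the rule, group, user and host names and the short `ipaUniqueID` values are all assumed.

```python
# Added example (not the skill's own code): triage FreeIPA HBAC/sudo rules from LDIF.
from collections import defaultdict

# Constructed sample LDIF: base DN dc=example,dc=test, names and ipaUniqueID values are assumed.
SAMPLE_LDIF = """\
dn: ipaUniqueID=a1,cn=hbac,dc=example,dc=test
objectClass: ipaHBACRule
cn: allow_all
ipaEnabledFlag: TRUE
userCategory: all
hostCategory: all
serviceCategory: all

dn: ipaUniqueID=a2,cn=hbac,dc=example,dc=test
objectClass: ipaHBACRule
cn: devs_ssh
ipaEnabledFlag: TRUE
memberUser: cn=developers,cn=groups,cn=accounts,dc=example,dc=test
memberHost: fqdn=build01.example.test,cn=computers,cn=accounts,dc=example,dc=test

dn: ipaUniqueID=s1,cn=sudorules,cn=sudo,dc=example,dc=test
objectClass: ipaSudoRule
cn: devs_root
ipaEnabledFlag: TRUE
cmdCategory: all
hostCategory: all
memberUser: cn=developers,cn=groups,cn=accounts,dc=example,dc=test
ipaSudoOpt: !authenticate

dn: ipaUniqueID=s2,cn=sudorules,cn=sudo,dc=example,dc=test
objectClass: ipaSudoRule
cn: ops_httpd
ipaEnabledFlag: TRUE
memberUser: uid=alice,cn=users,cn=accounts,dc=example,dc=test
memberHost: fqdn=web01.example.test,cn=computers,cn=accounts,dc=example,dc=test
memberAllowCmd: cn=httpd-admin,cn=sudocmdgroups,cn=sudo,dc=example,dc=test
"""

def parse_ldif(text):
    """Minimal LDIF parser: list of {attr (lowercased): [values]}, one dict per entry."""
    entries, cur = [], defaultdict(list)
    for line in text.replace("\n ", "").splitlines() + [""]:   # unfold wrapped lines; "" flushes the last entry
        if not line.strip():
            if cur:
                entries.append(dict(cur))
                cur = defaultdict(list)
            continue
        attr, _, value = line.partition(":")
        cur[attr.strip().lower()].append(value.strip())
    return entries

def first(e, attr, default=None): return e.get(attr, [default])[0]
def is_active(e, oc):                     # entry of class oc; a missing ipaEnabledFlag counts as enabled
    return oc in (v.lower() for v in e.get("objectclass", [])) and \
           first(e, "ipaenabledflag", "TRUE").upper() == "TRUE"
def rdn_value(dn): return dn.split(",", 1)[0].split("=", 1)[1]   # "uid=alice,cn=users,..." -> "alice"

def hbac_findings(entries):
    """Enabled HBAC rules with an 'all' category; the stock allow_all rule is the usual hit."""
    out = []
    for e in entries:
        if not is_active(e, "ipahbacrule"):
            continue
        reasons = ["any " + k for k, a in (("user", "usercategory"), ("host", "hostcategory"),
                                          ("service", "servicecategory")) if first(e, a) == "all"]
        if reasons:
            out.append((first(e, "cn"), reasons))
    return out

def sudo_findings(entries):
    """Enabled sudo rules granting ALL commands, hosts or users, or skipping the password prompt."""
    checks = (("cmdcategory", "any command"), ("hostcategory", "any host"), ("usercategory", "any user"))
    out = []
    for e in entries:
        if not is_active(e, "ipasudorule"):
            continue
        reasons = [msg for a, msg in checks if first(e, a) == "all"]
        if "!authenticate" in e.get("ipasudoopt", []):
            reasons.append("no password (!authenticate)")
        if reasons:
            out.append((first(e, "cn"), reasons))
    return out

def build_edges(entries):
    """(subject, host, label) edges; '*' = every user/host; members reduced to their leftmost RDN value."""
    edges = set()
    for e in entries:
        if is_active(e, "ipahbacrule"):
            label = "hbac:" + first(e, "cn")
        elif is_active(e, "ipasudorule"):
            cmds = ["ALL"] if first(e, "cmdcategory") == "all" else [rdn_value(d) for d in e.get("memberallowcmd", [])]
            label = "sudo:%s:%s" % (first(e, "cn"), "|".join(cmds))
        else:
            continue
        subjects = ["*"] if first(e, "usercategory") == "all" else [rdn_value(d) for d in e.get("memberuser", [])]
        hosts = ["*"] if first(e, "hostcategory") == "all" else [rdn_value(d) for d in e.get("memberhost", [])]
        edges.update((s, h, label) for s in subjects for h in hosts)
    return edges
```

To run it against a real domain, replace `SAMPLE_LDIF` with the output of an anonymous `ldapsearch -x -H ldap://<ipa-server> -b <base DN> '(|(objectClass=ipaHBACRule)(objectClass=ipaSudoRule))'`, falling back to `-Y GSSAPI` with a CCACHE from `kinit` or a keytab if anonymous reads are restricted. On the sample data the allow_all rule and the devs_root sudo rule are reported, and the developers group ends up with an edge to every host via `sudo:devs_root:ALL`; command-group members (`memberAllowCmd` pointing at `cn=sudocmdgroups`) are kept by group name rather than expanded, so a follow-up query is needed to list the actual commands.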
This skill has not been reviewed by our automated audit pipeline yet.