This skill should be used when the user asks to "use Metasploit for penetration testing", "exploit vulnerabilities with msfconsole", "create payloads with msfvenom", "perform post-exploitation", "use auxiliary modules for scanning", or "develop custom exploits". It provides comprehensive guidance for leveraging the Metasploit Framework in security assessments.
Manage shell aliases in the .aliases file for this dotfiles repository. Use when the user wants to add, remove, update, or search for shell aliases and shortcuts. Triggers include mentions of "alias", "shortcut", "command abbreviation", ".aliases file", or requests to create command shortcuts.
The assistant provides essential penetration testing commands for Nmap, Metasploit, SQLMap, Hydra, John the Ripper, Nikto, and other tools. Activate when users ask about "pentest commands," "nmap scanning," "metasploit exploits," "password cracking," "web vulnerability scanning," or "network enumeration."
This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
Comprehensive reference for Kali Linux tools. Use this skill to find, understand, and use security tools in Kali Linux. It provides a categorized index of all available tools.
This skill should be used when the user asks to "learn Linux for pentesting", "use Linux commands for hacking", "manage Linux processes", "manipulate text in Linux", "write bash scripts", or "configure Linux networking". It provides comprehensive Linux fundamentals for penetration testing.
This skill should be used when the user asks to "escalate privileges", "get root access", "become administrator", "privesc techniques", "abuse sudo", "exploit SUID binaries", "Kerberoasting", "pass-the-ticket", "token impersonation", or needs guidance on post-exploitation privilege escalation for Linux or Windows systems.
This skill should be used when the user asks to "escalate privileges on Linux", "find privesc vectors on Linux systems", "exploit sudo misconfigurations", "abuse SUID binaries", "exploit cron jobs for root access", "enumerate Linux systems for privilege escalation", or "gain root access from low-privilege shell". It provides comprehensive techniques for identifying and exploiting privilege escalation paths on Linux systems.
The assistant provides comprehensive network port and protocol reference information for security assessments and penetration testing. Activate when users ask about "port numbers," "common ports," "service ports," "TCP/UDP ports," "what runs on port X," or "protocol identification."
Build and deploy NixOS or Darwin configurations to local or remote hosts.
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.
Guide for creating Gemini CLI policy engine TOML rules. Covers rule syntax, priority tiers, conditions, and MCP wildcards. Use when restricting Gemini tools, creating security policies, controlling MCP server permissions, or setting up approval workflows.
This skill should be used when the user asks to "run Linux commands", "manage users and permissions", "configure file systems", "work with LVM", "set up networking", "manage services with systemd", "configure firewalls", "implement SELinux or AppArmor", or "automate tasks with cron". It provides comprehensive Linux command reference for security professionals.
Session lifecycle and system operations. Use when creating sessions, saving state, getting dashboard data, or running system queries.
This skill should be used when the user asks to "perform quick enumeration", "run directory busting", "enumerate DNS", "discover live hosts", "brute force passwords", or "needs a pentest cheat sheet". It provides rapid reference commands for penetration testing.
This skill should be used when the user asks to "perform vulnerability scanning", "scan networks for open ports", "assess web application security", "scan wireless networks", "detect malware", "check cloud security", or "evaluate system compliance". It provides comprehensive guidance on security scanning tools and methodologies.
This skill should be used when the user asks to "perform OSCP-style penetration testing", "enumerate network services", "escalate privileges on Windows or Linux", "conduct Active Directory attacks", "transfer files between systems", "crack password hashes", or "execute lateral movement techniques". It provides a comprehensive methodology and command reference for offensive security certification preparation and real-world penetration testing.
Execute comprehensive L1-L4 network device inspection. Use when user asks to "inspect all devices", "run comprehensive health check", "full network audit", or needs systematic L1-L4 analysis across multiple devices.
Execute simple network status queries that require 1-2 commands. Use when user asks to "check device status", "show interface", "query routing table", "display BGP neighbors", or needs simple read-only information retrieval.
The assistant guides users through configuring and testing network services including HTTP, HTTPS, SNMP, and SMB for penetration testing labs. Activate when users ask about "setting up web server," "configure HTTP/HTTPS," "SNMP enumeration setup," "SMB share configuration," or "network service testing."
Implement hooks for permission control and security in custom agents. Use when adding security controls, blocking dangerous operations, implementing audit trails, or designing permission governance.
orchestrate multiple amp agents with bidirectional tmux communication. use for multi-hour autonomous runs with INDEPENDENT parallel tasks. NOT for review courts or generating opinions to reconcile.
