mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 14:14:56 +03:00
mukul975
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
1.8 KiB
1.8 KiB
Internal Network Penetration Test — API Reference
Libraries
| Library | Install | Purpose |
|---|---|---|
| ldap3 | pip install ldap3 |
LDAP queries for AD enumeration |
| impacket | pip install impacket |
SMB relay, credential dumping, lateral movement tools |
| python-nmap | pip install python-nmap |
Python wrapper for nmap scanning |
Key Tools & Commands
| Tool | Command | Purpose |
|---|---|---|
| nmap | nmap -sV -sC --top-ports 1000 <target> |
Service version and script scan |
| Responder | responder -I eth0 -A |
LLMNR/NBT-NS poisoning (analyze mode) |
| CrackMapExec | cme smb <target> --gen-relay-list |
Find hosts with SMB signing disabled |
| BloodHound | bloodhound-python -d domain -u user -p pass |
AD attack path mapping |
| ntlmrelayx | ntlmrelayx.py -t <target> -smb2support |
NTLM relay attack |
Common Internal Vulnerabilities
| Vulnerability | Impact | CVSS |
|---|---|---|
| SMB signing disabled | NTLM relay attacks | 7.5 |
| LLMNR/NBT-NS enabled | Credential capture | 7.0 |
| Default credentials | Unauthorized access | 9.0 |
| Unpatched EternalBlue (MS17-010) | Remote code execution | 9.8 |
| Kerberoasting-eligible SPNs | Offline password cracking | 7.5 |
Windows Event IDs for Detection
| Event ID | Description |
|---|---|
| 4625 | Failed logon attempt (brute force indicator) |
| 4648 | Logon with explicit credentials |
| 4768 | Kerberos TGT request |
| 4769 | Kerberos service ticket request |