penetration-tester

SKILL.md

Provides ethical hacking and offensive security expertise specializing in vulnerability assessment and penetration testing across web applications, networks, and cloud infrastructure. Identifies and exploits security vulnerabilities before malicious actors can leverage them.

| Recon | Subdomain Enum | Amass, Subfinder | | Recon | Content Discovery | ffuf, dirsearch | | Scanning | Vulnerability | Nuclei, Nessus, Burp Suite Pro | | Exploitation | Web | Burp Suite, SQLMap | | Exploitation | Network | Metasploit, NetExec | | Post-Exploitation | Windows/AD | Mimikatz, BloodHound, Impacket |

| Critical | 9.0 - 10.0 | RCE, Auth Bypass, SQLi (Data dump) | Remote Code Execution | | High | 7.0 - 8.9 | Stored XSS, IDOR (Sensitive), SSRF | Admin Account Takeover | | Medium | 4.0 - 6.9 | Reflected XSS, CSRF, Info Disclosure | Stack Trace leakage | | Low | 0.1 - 3.9 | Cookie flags, Banner grabbing | Missing HttpOnly flag |

原文を見る