red-team-tactics

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The document openly describes numerous high-risk offensive techniques — credential theft (Kerberoasting, AS-REP, DCSync, Golden Ticket), persistence (cron/startup, services, SUID), defense evasion (log clearing, timestomping, LOLBins), lateral movement, C2 and exfiltration — which are clear malicious patterns (dual-use training content but easily misusable for system compromise).

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly describes and encourages techniques that alter system state—privilege escalation, modifying services/cron, timestomping and log clearing, and persistence—which can be used to obtain sudo, modify protected files, or otherwise compromise the host.